[PLUG] Re: iptables - 4 interfaces
Keith Morse
kgmorse at mpcu.com
Wed Nov 26 17:44:02 UTC 2003
On Wed, 26 Nov 2003, Kris wrote:
> Speaking of iptables, does anyone have a script that handles 4 interfaces?
> Right now I'm in the process of duplicating the commands from the DMZ on a 3
> interface script to incorporate a 4th one.
IMO, fwbuilder is the right tool for this. 4 interfaces is a lot and no
matter how good an iptables wiz you are, it's much too easy to fat finger
a config file. And with fwbuilder you can comment the config file, XML
based, to aid in the future audit of your firewall rule set.
www.fwbuilder.org. Requires X and some specific libraries, but a very
nice product and the author is responsive to all queries via the
mail-list. I run fwbuilder from a central host and scp the resulting
scripts to the firewalls that I manage.