[PLUG] Re: iptables - 4 interfaces

Keith Morse kgmorse at mpcu.com
Wed Nov 26 17:44:02 UTC 2003


On Wed, 26 Nov 2003, Kris wrote:

> Speaking of iptables, does anyone have a script that handles 4 interfaces?
> Right now I'm in the process of duplicating the commands from the DMZ on a 3
> interface script to incorporate a 4th one.

IMO, fwbuilder is the right tool for this.  4 interfaces is alot and no 
matter how good a iptables wiz you are,  it's much too easy to fat finger 
a config file.  And with fwbuilder you can comment the config file, xml 
based, to aid in the future audit of your firewall rule set.


www.fwbuilder.org.  Requires X and some specific libraries, but a very
nice product and the author is responsive to all queries via the
mail-list.  I run fwbuilder from central host and scp the resulting
scripts to the firewalls that I manage.




More information about the PLUG mailing list