Re: Linux and Fwbuilder, essential tools for smart networking admins. - Linux

This is a discussion on Re: Linux and Fwbuilder, essential tools for smart networking admins. - Linux ; On 2008-10-25, Terry Porter wrote: > How to administer IPTABLES rulesets remotely using Linux. Hmmm.. remote is the only way I can do it on my WRT54GL. I just use script files and manually add or delete rules if needed ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Re: Linux and Fwbuilder, essential tools for smart networking admins.

  1. Re: Linux and Fwbuilder, essential tools for smart networking admins.

    On 2008-10-25, Terry Porter wrote:
    > How to administer IPTABLES rulesets remotely using Linux.


    Hmmm.. remote is the only way I can do it on my WRT54GL.

    I just use script files and manually add or delete rules if needed for
    testing or special occasions.

    --
    Regards,

    Gregory.
    Gentoo Linux - Penguin Power

  2. Re: Linux and Fwbuilder, essential tools for smart networking admins.

    On 2008-10-26, Terry Porter wrote:
    > On Sat, 25 Oct 2008 20:50:39 +0000, Gregory Shearman wrote:
    >
    >> On 2008-10-25, Terry Porter wrote:
    >>> How to administer IPTABLES rulesets remotely using Linux.

    >>
    >> Hmmm.. remote is the only way I can do it on my WRT54GL.

    >
    > Yes, one can't (easily) just install the latest hot IPTABLES "genius
    > firewall builder" on an embedded platform, even if you *do* have the
    > memory resources free.
    >
    > FwBuilder gives you the freedom to use a full blown GUI object oriented
    > IPTABLES designer locally, and upload it via SSH to the target machine,
    > automatically.
    >
    > All rulesets are kept on the local workstation where they can be
    > versioned by FwBuilder etc.
    >
    > Flatfish will never be able to use it tho, as FwBuilder doesn't use
    > Telnet, and we all have seen his obsession with Telnet recently.


    GentooPenguin$ eix fwbuilder

    * net-firewall/fwbuilder
    Available versions: 2.0.12 ~2.1.13-r2 ~2.1.14 ~2.1.18 {nls}
    Homepage: http://www.fwbuilder.org/
    Description: A firewall GUI

    * net-libs/libfwbuilder
    Available versions: 2.0.12 ~2.1.13-r1 ~2.1.14 ~2.1.18 {snmp ssl stlport}
    Homepage: http://www.fwbuilder.org/
    Description: Firewall Builder 2.1 API library and compiler framework

    Found 2 matches.

    Yep. Gentoo has it. 2.0.12 is listed as x86 stable.

    Looks good! I might consider it when I get a few quiet moments.
    >
    >>
    >> I just use script files and manually add or delete rules if needed for
    >> testing or special occasions.

    >
    > I think you'd love Fwbuilder
    >
    > From the website at: http://www.fwbuilder.org/
    >
    > Firewall Builder is a GUI firewall configuration and management tool that
    > supports iptables (netfilter), ipfilter, pf, ipfw, Cisco PIX (FWSM, ASA)
    > and Cisco routers extended access lists. Firewall Builder uses object-
    > oriented approach, it helps administrator maintain a database of network
    > objects and allows policy editing using simple drag-and-drop operations.
    >
    > FwBuilder is available for all main Linux distros (rpms, debs etc) and as
    > a tarball.


    The beauty of raw IPTABLES is that everything follows a logical course.
    It reminds me somewhat of procmail rulesets, with the packet entering
    the top of the ruleset and trickling its way down, maybe being altered
    on its course, until it is either dumped or passed.

    It's not difficult when you approach it as a programming problem.

    --
    Regards,

    Gregory.
    Gentoo Linux - Penguin Power

  3. Re: Linux and Fwbuilder, essential tools for smart networkingadmins.

    On Sun, 26 Oct 2008 01:30:59 +0000, Gregory Shearman wrote:



    > GentooPenguin$ eix fwbuilder


    > Yep. Gentoo has it. 2.0.12 is listed as x86 stable.
    >
    > Looks good! I might consider it when I get a few quiet moments.


    gronk1 linux # eix fwbuilder
    [U] net-firewall/fwbuilder
    Available versions: 2.0.12 (~)2.1.13-r2 (~)2.1.14 (~)2.1.18 {nls}
    Installed versions: 2.1.14(20:04:08 10/04/08)(nls)
    Homepage: http://www.fwbuilder.org/
    Description: A firewall GUI

    [U] net-libs/libfwbuilder
    Available versions: 2.0.12 (~)2.1.13-r1 (~)2.1.14 (~)2.1.18 {snmp
    ssl stlport}
    Installed versions: 2.1.14(19:57:05 10/04/08)(snmp ssl -stlport)
    Homepage: http://www.fwbuilder.org/
    Description: Firewall Builder 2.1 API library and compiler
    framework

    I use and prefer the 2.1.X series. Its perfectly stable on this Linux
    box:-
    Linux gronk1 2.6.23-gentoo-r8 #1 SMP PREEMPT Sat Jun 7 01:24:52 EST 2008
    i686 Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz GenuineIntel GNU/Linux




    > The beauty of raw IPTABLES is that everything follows a logical course.
    > It reminds me somewhat of procmail rulesets, with the packet entering
    > the top of the ruleset and trickling its way down, maybe being altered
    > on its course, until it is either dumped or passed.
    >
    > It's not difficult when you approach it as a programming problem.


    It is for me, I'm an electronics tech, not a programmer





    --
    Linux full time, on the desktop, since August 1997

  4. Re: Linux and Fwbuilder, essential tools for smart networking admins.

    Terry Porter writes:

    > On Sun, 26 Oct 2008 01:30:59 +0000, Gregory Shearman wrote:
    >
    >
    >
    >> GentooPenguin$ eix fwbuilder

    >
    >> Yep. Gentoo has it. 2.0.12 is listed as x86 stable.
    >>
    >> Looks good! I might consider it when I get a few quiet moments.

    >


    >
    > I use and prefer the 2.1.X series.


    Debian unstable recently rolled out the 3.x series. Two disappointments:

    1. It no longer automatically opens the last policy you were editing.

    2. It has moved the policy/NAT/Routing tabs from the main window to
    the tree under Firewalls.

    The last one I can understand, as you can use it to set up subpolicies
    on the firewall, to approximate a zone-based rule model. The first one
    I consider a regression.

    Mart


    --
    "We will need a longer wall when the revolution comes."
    --- AJS, quoting an uncertain source.

+ Reply to Thread