Great Circle Associates Network-Automation
(June 2005)
 


Subject: Re: ACL compiler [was: Network Automation: An Architects View]
From: "Michael T. Halligan" <mhalligan @ bitpusher . com>
Date: Sat, 25 Jun 2005 18:08:05 -0700
To: tedkaz @ optonline . net
Cc: DJ Gregor <dj @ gregor . com>, network-automation @ greatcircle . com
In-reply-to: <1119747621.14548.2.camel@inyoureyes.linsolutions.com>
References: <5.1.0.14.0.20050521155048.025ab230@mail.eclipse.co.uk> <17039.36357.794569.744848@perdition.linnaean.org> <c0fc3ae805052217037a1c0971@mail.gmail.com> <20050524115708.E40415@skink.reptiles.org> <66b6f3369bde6fa64632f383d2bc4500@gregor.com> <1119747621.14548.2.camel@inyoureyes.linsolutions.com>
Reply-to: mhalligan @ bitpusher . com
User-agent: Mozilla Thunderbird 1.0.2 (Macintosh/20050317)

Ted,

I believe you can create a redhat-style iptables file, after you've
created your policy, by running iptables-save. Not the best
solution, but a workable one.

Otherwise, FWbuilder is nice, but in my experience it's somewhat buggy. 
I've never been able to get it to work reliably enough
to create a policy all the way through on any platform it supports.

Michael

Ted Kaczmarek wrote:

>On Tue, 2005-05-24 at 12:25 -0400, DJ Gregor wrote:
>  
>
>>In terms of ACL compilers, has anyone looked at Firewall Builder?  It  
>>looks to have a general XML format that defines the policy (although at  
>>a low-level, in terms of ports and devices), along with translators  
>>from the XML format into implementation-specific configuration  
>>statements.
>>
>>	http://www.fwbuilder.org/
>>
>>I've also seen the same thing done in a commercial product where not  
>>only the firewall configuration, but the entire device configuration  
>>was specified in an XML language that was translated to operating  
>>system-specific configurations (for multiple OSes, even).  The XML  
>>configurations were per-device, not per-network, however.
>>
>>	
>>	- djg
>>
>>    
>>
>I would like it a lot more if it generated redhat style iptables
>file :-)
>It is a most popular tool used by lots of people I know.
>
>Ted
>
>
>  
>


-- 
-------------------
BitPusher, LLC
http://www.bitpusher.com/
1.888.9PUSHER
(415) 724.7998 - Mobile



