firewall?

[John]

VETSEL Patrice wrote:
> Le samedi 02 octobre 2004 à 08:59 +0800, John a écrit :
> 
>>VETSEL Patrice wrote:
>>
>>>Shorewall (very powerfull) is provided with warty
>>
>>I agree, but OTOH
>>a. It's not installed & configured by default. Newcomers won't have it 
>>(or any other sound choice) in place and won't now what to look for, or 
>>maybe even to lookfor it.
>>
>>b. It doesn't meet the "no command-line configuration" goal. Shorewall 
>>needs significant skills to configure.
>>
>>
> 
> a) the only thing that shorewall don't know at the install is the
> Internet interface. All the rest for a single PC is easy to
> pre-configure. (policy/rules).
> b) I'm looking to create a gui with python/tk. For the moment i had
> designed a Novice gui (no nat/QOS/tunneling ...)
> And this gui can easily switch to an "advanced" interface.


This is good news.

I think the second most common case will be shared dialup. At the time 
dialup is configured, if there is a second interface ask a Q:
"Do you want to share this Internet Connection?"

I'm thinking of my daughter Michelle (who has ordered Ubuntu CDs). She 
could handle this kind of question.


For advanced use, I suggest taking a look at the webmin module (I have 
not looked at it or used it) to see what it does. Unless you have a good 
reason to do things differently, storing the Shorewall configuration 
compatibility can't be a bad thing, and it will provide some insight 
into what some others think important.