old-www/HOWTO/Firewall-HOWTO-13.html

46 lines
3.0 KiB
HTML

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Firewall and Proxy Server HOWTO: Making Management Easy</TITLE>
<LINK HREF="Firewall-HOWTO-14.html" REL=next>
<LINK HREF="Firewall-HOWTO-12.html" REL=previous>
<LINK HREF="Firewall-HOWTO.html#toc13" REL=contents>
</HEAD>
<BODY>
<A HREF="Firewall-HOWTO-14.html">Next</A>
<A HREF="Firewall-HOWTO-12.html">Previous</A>
<A HREF="Firewall-HOWTO.html#toc13">Contents</A>
<HR>
<H2><A NAME="s13">13. Making Management Easy</A></H2>
<P>
<H2><A NAME="ss13.1">13.1 Firewall tools</A>
</H2>
<P>There are several software packages that will make managing your firewall easier.
<P>Be carefull, don't use these tools unless you can do without them. These scripts make it just as easy to make a misstake as they do to help you get it wright.
<P>Both graphical and web based interfaces are being developed to work with the Linux filtering rules. Some companies have even create commercial firewalls based on Linux by putting it in their own box with their own management code. (nice)
<P>I'm not realy a GUI guy. However, I have been using firewalls with GUI interfaces for some time. I've found they help by providing a nice report of all the rules in one easy glance.
<P>gfcc (GTK+ Firewall Control Center) is a GTK+ application which can control Linux firewall policies and rules, based on ipchains package. Go to
<A HREF="http://icarus.autostock.co.kr/">http://icarus.autostock.co.kr</A> and get your copy. This is a realy good tool.
<P>I have included RC scripts in appendex A. These scripts work with and without gfcc.
<P>There a lots of scripts avaible to setup a firewall. One very complete script is avaible at
<A HREF="http://www.jasmine.org.uk/~simon/bookshelf/papers/instant-firewall/instant-firewall.html">http://www.jasmine.org.uk/~simon/bookshelf/papers/instant-firewall/instant-firewall.html</A>. Another will done script is at
<A HREF="http://www.pointman.org/">http://www.pointman.org/</A>.
<P>Kfirewall is a GUI frontend for ipchains or ipfwadm (depending on your kernel version).
<A HREF="http://megaman.ypsilonia.net/kfirewall/">http://megaman.ypsilonia.net/kfirewall/</A><P>FCT is an HTML based tool for the configuration of a firewall. It features automatic script-generation for IP-filtering commands (ipfwadm) on a firewall for multiple interfaces and any internet services.
<A HREF="http://www.fen.baynet.de/~ft114/FCT/firewall.htm">http://www.fen.baynet.de/~ft114/FCT/firewall.htm</A><P>
<H2><A NAME="ss13.2">13.2 General tools</A>
</H2>
<P>WebMin is a general system admin package. It will not help you manage the firewall rules but it will help you with turning on and off damons and processes. This program is VERY good, I'm hoping the J. Cameron will include a IPCHAINS module.
<A HREF="http://www.webmin.com/">http://www.webmin.com/</A><P>
<P>
<HR>
<A HREF="Firewall-HOWTO-14.html">Next</A>
<A HREF="Firewall-HOWTO-12.html">Previous</A>
<A HREF="Firewall-HOWTO.html#toc13">Contents</A>
</BODY>
</HTML>