I agree absolutely - fwbuilder is a fantastic tool for building firewalls. I use it for about 30 different gateways, and one of the best things is the use of objects. If, for instance, one IP address is changing, you can do a batch run for all your firewalls.

Also, the use of cvs for versioning is very helpful. I took a quick look at the iptables interface in zeroshell - it looks very nice, and the layer 7 rule generation especially looks very interesting.

I like zeroshell – it is better than many ‘other’ Linux FWGW distros.

I also like the ‘concepts’ of fwbuilder – using a ‘tool’ to design/configure the firewall.

I have a very complicated Network System (at work) that has more than 20 internal subnets/VLANs. I know that zeroshell running on an hp/IBM Xeon Blade Server would be fast/good enough to run my entire network; but my network is too complicated to manage using the rule sets available in the zeroshell GUI.

Since fwbuilder is GPL and open source, part of it could be used to improve the zeroshell ‘interface’ – it could even be used to ‘generate’ the FW/GW rules/policies etc and configure zeroshell.

So, ‘what’ do YOU think – all of you zeroshell experts… let me know if this tool FWbuilder is really worth using with zeroshell.

Sure, I could just use FWbuilder to design/configure a CentOS or RedHat server to be a CORE SW – but zeroshell is much smaller/cleaner and doesn’t need to be patched with security updates every 10 minutes.

Zeroshell as a VMguest using Xen / VMware – would have much less overhead and better performance than using CentOS as a VMguest performing CORE SW functions.