[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ip route load distribute



> but I just don't like the idea of someone else "setting
> up" my firewall, or using still another layer of abstraction.  Call it
> arrogance, but I think my scripts work better 

Which is *exactly* why I suggested to install Shorewall, configure it to do what
you need, and then inspect the iptables rules it creates under the hood when
you're done. Then take those rules and optimize away.

I did not mean to suggest you replace your firewall-with-tailored-ruleset with
Shorewall. I meant to suggest you setup a test system that implements what you
want, learn what it did, and then write your custom replacement that works
"better" for the "real deal".

Mike/

---------------------------------------------
http://www.valuenet.net



-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.