I am running Debian (testing) on a netbook. At home I am behind my main
firewall, but when I am out and about I may connect to a variety of
other networks including those of friends, some of whom have no
firewalls and even compromised machines. That is, I may connect to
hostile environments.
While I am not running much in the way of servers on the netbook (I
normally do export some NFS mount points to local addresses), I do feel
the need for a firewall to catch whatever may be going on.
In the distant past I have used firestarter, which has a nice GUI which
pops up to warn of probe attempts and the like. That is useful in a very
dynamic situation.
However, firestarter doesn't install properly in Debian, and from what I
can see, it is no longer actively maintained. Which is a worry for
security...
My netbook is running Xfce, so I prefer something lightweight that
doesn't pull in large chunks of GNOME or KDE. Even so, I cannot find
anything that seems to do the same sort of job as firestarter. Most
things out there just seem to be helpers for configuring iptables.
I have hacked on iptables at times, so they don't seem too hard to use,
but I pity a newcomer to Linux trying to configure even a basic firewall.
I have settled on shorewall for now, but has anyone any better
suggestions? If someone wants a Linux project, reviving firestarter or
doing something similar seems to be a crying need.
Adrian