Hello, Everyone:<br><br>Thanks for all the feedback. <br><br>I really like the overall functionality and feel of firehol and would like to use it in production at some point.<br><br>Looking at the cvs code, it looks like there's been a large handful of changes since the last release, which was now almost two years ago. It also looks like there's known issues with UNROUTABLE_IPS and/or PRIVATE_IPS.
<br><br>I understand that it takes effort and time to do a new release, but it looks like a firehol needs one. Are there things that we in the community can do to help with the next release? I'll be taking a look at the CVS version today.
<br><br>Also, I have a question (or perhaps a feature request). I've been naming my firehol rules things like "dst-externalip", which results in iptables chains with names like "out_dst-outside_dns_c8". Is there some description of the suffixes (the _c8) part in the chain name?
<br><br>The feature request would be to replace the _c8 with a more meaningful name.<br><br>Best, <br> jrobinson<br><br><div><span class="gmail_quote">On 12/11/06, <b class="gmail_sendername">Daniel Pittman</b> <<a href="mailto:daniel@rimspace.net">
daniel@rimspace.net</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Costa Tsaousis <<a href="mailto:costa@tsaousis.gr">
costa@tsaousis.gr</a>> writes:<br>> firehol firehol wrote:<br>>> Hello, Everyone:<br>>><br>>> I've been looking at fireehol to configure the firewalls on my<br>>> machines.<br><br>[...]<br><br>
>> Do people use this firewall on real, working mail and DNS servers?<br>>> Am I making some sort of mistake in my configs? I would love to get<br>>> firehol working for my purposes.<br>><br>> I use it in a data-center with several hundreds of linux machines,
<br>> including high performance DNS and mail servers. I am sure lots of<br>> other people are using it in a similar way without problems.<br><br>Yes. I use it in a large number of installations, service a wide range
<br>of protocols, including mail and DNS. It works perfectly in these<br>cases; we have no unexpected failures.<br><br>The largest is a service that provides hosting -- web, email and DNS --<br>and moves around 400KB/second of traffic, 24x7. No problems there.
<br><br>Regards,<br> Daniel<br>--<br>Digital Infrastructure Solutions -- making IT simple, stable and secure<br>Phone: 0401 155 707 email: <a href="mailto:contact@digital-infrastructure.com.au">contact@digital-infrastructure.com.au
</a><br> <a href="http://digital-infrastructure.com.au/">http://digital-infrastructure.com.au/</a><br><br><br>-------------------------------------------------------------------------<br>Take Surveys. Earn Cash. Influence the Future of IT
<br>Join SourceForge.net's Techsay panel and you'll get the chance to share your<br>opinions on IT & business topics through brief surveys - and earn cash<br><a href="http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV">
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV</a><br>_______________________________________________<br>Firehol-support mailing list<br><a href="mailto:Firehol-support@lists.sourceforge.net">
Firehol-support@lists.sourceforge.net</a><br><a href="https://lists.sourceforge.net/lists/listinfo/firehol-support">https://lists.sourceforge.net/lists/listinfo/firehol-support</a><br></blockquote></div><br>