Succesfully migrated CheckPoint Firewall Into IPTables
whew!! talagang masakit sa ulo ang mag migrate from an expensive proprietary firewalls into IPTables, ngunit kahit gaano pa siya kahirap, walang imposible basta ginusto :-)
ang isang linya ng rule sa checkpoint ay katumbas ng halos sampung linya sa IPTables, depende pa kung paano iginrupo ni checpoint ang mga object.
pero dahil sa talagang gusto kong patunayan na kaya ng IPTables ang kayang gawin ni CheckPoint hindi ako nagdalawang isip na gumawa ng katumbas na Rules sa IPTables. Sa tulong ng kaalaman sa shell scripting yung halos 200 lines na rule eh naging halos 100 lines na lang :-)
hindi magtatagal eh maglalagay ako dito ng tutorial or at least overview kung paano ba gumawa ng firewall using IPTables, sa ngayon eh ito muna
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptab;es -P OUTPUT DROP
iptables -F
the best firewall in the world!! :-)
IPTables ROCKS!!!!
posted by jond3rd @ 9:21 PM
5 Comments:
I don't know much on firewalls, but I've heard that BSD's pf is a lot better than netfilter hehe.
better? hmmmm, that word is really subjective, some sort of self preferrences :-)
-F awesome. But please don't post such next time. New users will take it willingly just to learn so let's be responsible on what we are posting next time.
Basically, the theory behind all firewalls are the same whether branded or not. One of the more important things to consider is the user friendliness plus the GUI is an effective means of avoiding mistakes in creating rules. If you've got the buck then Check Point is really worth it. Besides, it's the number one firewall in the world as they claim it.
-Check Point user-
Bumalik ka na sa trabaho mo. Ang dami mo nang pending. - Your Boss.
Post a Comment
<< Home