[Shorewall-devel] Sample Files Improvement
paul at gear.dyndns.org
Fri May 27 20:13:55 PDT 2005
Tom Eastep wrote:
> Yes -- we tried that and *it was a disaster*. It allows people to get their
> first firewall up a LITTLE bit easier *without knowing one damed thing*
> about Shorewall. Then the first time that they wanted to do something that
> wasn't covered by a shell variable in /etc/shorewall/parms there was a
> complete paradigm shift and they had to learn what Shorewall is really about.
> It was a support nightmare.
> It is *much better* to make newbies learn the basics of Shorewall from the
> beginning. As I say on the Shorewall home page, if you are looking for a
> point-and-click set-and-forget firewall, SHOREWALL ISN'T FOR YOU.
> Please don't make this change -- you will regret it.
I remember when that happened. It wasn't pretty. Making people learn
the importance of zones & policies is "the right thing" (tm). :-)
Did you know? Using accepted quoting conventions makes
your email easier to understand. Learn how at
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://lists.shorewall.net/pipermail/shorewall-devel/attachments/20050528/1739cd09/signature.bin
More information about the Shorewall-devel