Ok, folks - this is in part a *****. The Yast2 firewall interface is inferior. Firestarter and Guarddog are much better - but they are not in the packman list of stuff you can install because you like it better.
How many of you care to offer an opinion as to why these other firewall apps are NOT packaged for openSUSE installation?
Hi
You mean a GUI interface to iptables…
Why should it be in packman?? They don’t have infinite resources, so if applications can be built on OBS, then that’s the place, it’s then up to the package maintainer to push through to factory so it gets into the distribution.
You can ask packman via their communications channels to see if they will package.
Guarddog is here;
software.opensuse.org: Search Results
I think I packaged up firestarter at some point, but dropped it from my home repo.
On 04/23/2011 03:36 AM, spokesinger wrote:
>
> The Yast2 firewall interface is
> inferior. Firestarter and Guarddog are much better
as far as i can see (correct me if i missed something) both Firestarter
and Guarddog are available for you to compile/install, as are thousands
and thousands of free and open source programs not in the oss, non-oss
or packman repos…so, what is the problem?
anyway i wonder in what way is the default firewall is deficient for
your needs (its fine for me)?
–
CAVEAT: http://is.gd/bpoMD
[openSUSE 11.3 + KDE4.5.5 + Thunderbird3.1.8 via NNTP]
A Penguin Being Tickled - http://www.youtube.com/watch?v=0GILA0rrR6w
Yes, a gui interface to IPtables. But wow - that leads to another question - why repeated searches by me in Webpin did not turn this up. I’m pretty sure that at least once I searched on the simple term “firewall”. Anyway - thank you. I’ll see if I can do whatever to put firestarter (since most of my machines are using gnome) together with OBS.
Now, to answer DenverD - why? It is confusing and incomplete. I swear, I find it easier to edit iptables configuration files than to use the Yast gui iptables interface. It gives you protocols, but doesn’t tell you what port they use, even in the info dialog at the end. Meaning I have to go somewhere else to go research what I am trying to do. It also is difficult, if the protocol that you want opened is not in the list, to create a rule. The custom rules, one would think, and so the instructions would make you think, should accept multiple ports, and do not. Etc. The whole point of using interfaces is to automate those things that can be automated and that do not need personal attention. The Yast GUI iptables interface does not do a good job of this.
And, yes, you are right - I COULD compile firestarter myself, using make and all that, but every time I have tried this procedure (compiling from scratch) in the now 3 years I have been using Linux, it failed for one reason or another, and required more of my time to go research what was wrong and try to find answers. Obviously, since I am writing this paragraph, I have never managed to babysit that process successfully from beginning to end. It never, for me, just worked.
Hi
There is already a few versions of firestarter on OBS
software.opensuse.org: Search Results
It hasn’t been updated since 2005 on the homepage… plus they have a src rpm available there as well;
FireStarter | Download FireStarter software for free at SourceForge.net
FireStarter - Browse /firestarter/1.0.3 at SourceForge.net
On 04/23/2011 10:36 PM, spokesinger wrote:
>
> Now, to answer DenverD - why? It is confusing and incomplete. I swear,
> I find it easier to edit iptables configuration files than to use the
> Yast gui iptables interface. It gives you protocols, but doesn’t tell
> you what port they use, even in the info dialog at the end. Meaning I
> have to go somewhere else to go research what I am trying to do. It also
> is difficult, if the protocol that you want opened is not in the list,
> to create a rule. The custom rules, one would think, and so the
> instructions would make you think, should accept multiple ports, and do
> not. Etc. The whole point of using interfaces is to automate those
> things that can be automated and that do not need personal attention.
> The Yast GUI iptables interface does not do a good job of this.
you could use FATE to request YaST be made more complete but i wonder if
this would be helpful: Chapter 14. Masquerading and Firewalls
http://tinyurl.com/4jp4qux
maybe your firewall needs are much greater than mine, but so far i’ve
not had a single break-in with the default installed firewall behind a
NATing router…
> And, yes, you are right - I COULD compile firestarter myself, using
> make and all that, but every time I have tried this procedure (compiling
> from scratch) in the now 3 years I have been using Linux, it failed for
> one reason or another, and required more of my time to go research what
> was wrong and try to find answers. Obviously, since I am writing this
> paragraph, I have never managed to babysit that process successfully
> from beginning to end. It never, for me, just worked.
well you are right, it is necessary to meet the dependencies of the
package, but it is possible to compile and install, otherwise it
wouldn’t be able to be put in an rpm and then into any repo (including
the openSUSE repo)…i mean, maybe you just need more practice…hmmmm,
i guess what i’m saying is: with sufficient patience i think i have
always been successful…yes, i almost always have errors and
dependencies to clear–but, that is expected…this is software
delivered free of cost–it is not necessarily delivered free of user
involvement, frustration, need to hone some skills…or wait patiently
for those who volunteer their time to compile it for you…
“just worked” is a lot to ask for at the price you are paying. (now, if
i shell out for a Mac firewall, i expect it to just work…)
–
CAVEAT: http://is.gd/bpoMD
[openSUSE 11.3 + KDE4.5.5 + Thunderbird3.1.8 via NNTP]
Q: What do you get if you divide the circumference of a jack-o-lantern
by its diameter?
A: Pumpkin Pi!