RE: firewalls
On Fri, 8 Dec 2000 00:28:33 +0100 (CET), Rémi Guyomarch wrote:
(concerning CheckPoint Firewall-1)
>- The default install is way more open than you can think at
>first.
The default policy properties create implied rules.
From the GUI, choose View->Implied Rules to see them.
Unchecking boxes in the Implied Rules of the Security
Policy tab removes these.
>- You can't even print the rules ! The only solution is to print
>screenshots of the rule editor, how lame :-((
From the GUI, pick File->Print. :-)
>- Logs are way less accurate than with ipfilter, and you have
>limited ways to grep / filter them in real time (hey GUI guys, never
>heard of "tail -f /var/log/ipflog | grep 'bla'" ??). Post-mortem (sic)
>filtering requires an 'export' in plain ascii which is slow.
fw log -ft | grep doda
There is definitely a learning curve to FW-1. One feature I like
is the ability to manage multiple firewalls from a management station.
Another feature is the object database where you define your hosts,
networks, etc. and group them. You then use objects or groups in the rules.
I recommend the (yes, expensive) training courses. Also the FAQs at
http://www.phoneboy.com/fw1/ are helpful.
Mike Jenkins