[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Trying to understand...


  • Subject: Re: [Openvpn-users] Trying to understand...
  • From: Stefan Lamby <slamby@xxxxxx>
  • Date: Wed, 12 Sep 2007 23:20:39 +0200

Hi Erich.


Erich Titl schrieb:
> Hi Stefan
>
> Stefan Lamby schrieb:
>   
>> Hi Erich,
>> hi list.
>>
>> The problem is solved.
>> This was the solution:
>>
>>     
>
> Good to hear you found it.
>
> ...
>   
>>
>> P.S.: There is still a question left... Maybe someone could pick it up...
>> I am not satisfied at all since I didnt understand, why this
>> SuSEfirewall2-script at the end denies forwarding for tun0. Does this
>> make sense at all even it is an internal interface? Thinking about it
>> again makes me feel that it could make sense as a security issue to deny
>> everything by default. So you do not have wholes in your firewall.
>>
>> FWBuilder is a far better solution to face the firewall settings.
>>     
>
> In my personal opinion SuSEfirewall sucks. For small cases I use
> shorewall and when it comes to real systems, fwbuilder is the choice.
>   

I definitive agree with you. I took a test drive with fwbuilder and was
impressed. I was thinking about changing the whole system to fwbuilder
but got a lot of error messages when importing the iptables-save result
file. Also when it comes to compiling the script, I run into trouble. So
I decided to take it the other way...


BTW: The www.petri.co.il - site - do you advice me to sign up for his
newsletter? Seems to me he knows what he is talking about - good
information material all over the web site.
> cheers
>
> Erich
>
>   

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users