2004-02-14 19:06:39 +01:00
|
|
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
|
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
|
|
|
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
|
|
|
|
|
<article id="quotes">
|
|
|
|
|
<!--$Id$-->
|
|
|
|
|
|
|
|
|
|
<articleinfo>
|
|
|
|
|
<title>Quotes from Users</title>
|
|
|
|
|
|
|
|
|
|
<author>
|
|
|
|
|
<firstname>Tom</firstname>
|
|
|
|
|
|
|
|
|
|
<surname>Eastep</surname>
|
|
|
|
|
</author>
|
|
|
|
|
|
2004-08-07 04:13:32 +02:00
|
|
|
|
<pubdate>2004-07-31</pubdate>
|
2004-02-14 19:06:39 +01:00
|
|
|
|
|
|
|
|
|
<copyright>
|
|
|
|
|
<year>2003</year>
|
|
|
|
|
|
2004-04-05 23:13:45 +02:00
|
|
|
|
<year>2004</year>
|
|
|
|
|
|
2004-02-14 19:06:39 +01:00
|
|
|
|
<holder>Thomas M Eastep</holder>
|
|
|
|
|
</copyright>
|
|
|
|
|
|
|
|
|
|
<legalnotice>
|
|
|
|
|
<para>Permission is granted to copy, distribute and/or modify this
|
|
|
|
|
document under the terms of the GNU Free Documentation License, Version
|
|
|
|
|
1.2 or any later version published by the Free Software Foundation; with
|
|
|
|
|
no Invariant Sections, with no Front-Cover, and with no Back-Cover
|
|
|
|
|
Texts. A copy of the license is included in the section entitled
|
|
|
|
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation License</ulink></quote>.</para>
|
|
|
|
|
</legalnotice>
|
|
|
|
|
</articleinfo>
|
|
|
|
|
|
|
|
|
|
<section>
|
|
|
|
|
<title>What Users are saying...</title>
|
|
|
|
|
|
2004-08-07 04:13:32 +02:00
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>AS, Poland</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>I want to say that Shorewall documentation is the best
|
|
|
|
|
I've ever found on the net. It's helped me a lot in
|
|
|
|
|
understanding how network is working. It is the best of breed. It
|
|
|
|
|
contains not only Shorewall specific topics with the assumption that all
|
|
|
|
|
the rest is well known, but also gives some very useful background
|
|
|
|
|
information. Thank you very much for this wonderful piece of work.
|
|
|
|
|
</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
2004-02-14 19:06:39 +01:00
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>ES, Phoenix AZ, USA</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>I have fought with IPtables for untold hours. First I
|
|
|
|
|
tried the SuSE firewall, which worked for 80% of what I needed. Then
|
|
|
|
|
gShield, which also worked for 80%. Then I set out to write my own
|
|
|
|
|
IPtables parser in shell and awk, which was a lot of fun but never got
|
|
|
|
|
me past the <quote>hey, cool</quote> stage. Then I discovered Shorewall.
|
|
|
|
|
After about an hour, everything just worked. I am stunned, and very
|
|
|
|
|
grateful</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
2004-04-05 23:13:45 +02:00
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>SE, California, USA</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>In two words, I'd call Shorewall "brilliant
|
|
|
|
|
simplicity". Define general rules of what it is you want to do, and
|
|
|
|
|
let the software determine the specific rules on how to implement it.
|
|
|
|
|
It's great only having to define specific rules for specific
|
|
|
|
|
instances. I have a much higher degree of confidence in my firewall than
|
|
|
|
|
I have had previously. Thank you for Shorewall!.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
2004-02-14 19:06:39 +01:00
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>BC, USA</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>The configuration is intuitive and flexible, and much
|
|
|
|
|
easier than any of the other iptables-based firewall programs out there.
|
|
|
|
|
After sifting through many other scripts, it is obvious that yours is
|
|
|
|
|
the most well thought-out and complete one available.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>JL, Ohio</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>I just installed Shorewall after weeks of messing with
|
|
|
|
|
ipchains/iptables and I had it up and running in under 20 minutes!</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>JV, Spain</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>My case was almost like [the one above]. Well. instead
|
|
|
|
|
of <quote>weeks</quote> it was <quote>months</quote> for me, and I think
|
|
|
|
|
I needed two minutes more:</emphasis></para>
|
|
|
|
|
|
|
|
|
|
<itemizedlist>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para><emphasis>One to see that I had no Internet access from the
|
|
|
|
|
firewall itself.</emphasis></para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para><emphasis>Other to see that this was the default
|
|
|
|
|
configuration, and it was enough to uncomment a line in
|
|
|
|
|
/etc/shorewall/policy.</emphasis></para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</itemizedlist>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>Minutes instead of months! Congratulations and thanks
|
|
|
|
|
for such a simple and well documented thing for something as huge as
|
|
|
|
|
iptables</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>MM</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>I downloaded Shorewall 1.2.0 and installed it on
|
|
|
|
|
Mandrake 8.1 without any problems. Your documentation is great and I
|
|
|
|
|
really appreciate your network configuration info. That really helped me
|
|
|
|
|
out alot. THANKS!!!</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>B.R, Netherlands</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>[Shorewall is a] great, great project. I've
|
|
|
|
|
used/tested may firewall scripts but this one is till now the best.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>Mario Kerecki, Toronto</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>Never in my +12 year career as a sys admin have I
|
|
|
|
|
witnessed someone so relentless in developing a secure, state of the
|
|
|
|
|
art, safe and useful product as the Shorewall firewall package for no
|
|
|
|
|
cost or obligation involved.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>SM, Germany</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>one time more to report, that your great shorewall in
|
|
|
|
|
the latest release 1.2.9 is working fine for me with SuSE Linux 7.3! I
|
|
|
|
|
now have 7 machines up and running with shorewall on several versions -
|
|
|
|
|
starting with 1.2.2 up to the new 1.2.9 and I never have encountered any
|
|
|
|
|
problems!</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>SE, US</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>You have the best support of any other package I've
|
|
|
|
|
ever used.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>Name withheld by request, Europe</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>Because our company has information which has been
|
|
|
|
|
classified by the national government as secret, our security
|
|
|
|
|
doesn't stop by putting a fence around our company. Information
|
|
|
|
|
security is a hot issue. We also make use of checkpoint firewalls, but
|
|
|
|
|
not all of the internet servers are guarded by checkpoint, some of them
|
|
|
|
|
are running....Shorewall.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>RM, Austria</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>thanx for all your efforts you put into shorewall - this
|
|
|
|
|
product stands out against a lot of commercial stuff i´ve been working
|
|
|
|
|
with in terms of flexibillity, quality & support</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>RG, Toronto</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>I have never seen such a complete firewall package that
|
|
|
|
|
is so easy to configure. I searched the Debian package system for
|
|
|
|
|
firewall scripts and Shorewall won hands down.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>RP, Guatamala</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>My respects... I've just found and installed
|
|
|
|
|
Shorewall 1.3.3-1 and it is a wonderful piece of software. I've just
|
|
|
|
|
sent out an email to about 30 people recommending it. :-)</emphasis></para>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>While I had previously taken the time (maybe 40 hours)
|
|
|
|
|
to really understand ipchains, then spent at least an hour per server
|
|
|
|
|
customizing and carefully scrutinizing firewall rules, I've got
|
|
|
|
|
shorewall running on my home firewall, with rulesets and policies that I
|
|
|
|
|
know make sense, in under 20 minutes.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
</section>
|
|
|
|
|
</article>
|