2004-02-14 19:06:39 +01:00
|
|
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
2008-07-07 22:42:54 +02:00
|
|
|
|
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
|
|
|
|
|
"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
|
2004-02-14 19:06:39 +01:00
|
|
|
|
<article id="quotes">
|
|
|
|
|
<!--$Id$-->
|
|
|
|
|
|
|
|
|
|
<articleinfo>
|
|
|
|
|
<title>Quotes from Users</title>
|
|
|
|
|
|
|
|
|
|
<author>
|
|
|
|
|
<firstname>Tom</firstname>
|
|
|
|
|
|
|
|
|
|
<surname>Eastep</surname>
|
|
|
|
|
</author>
|
|
|
|
|
|
2006-07-07 03:04:16 +02:00
|
|
|
|
<pubdate><?dbtimestamp format="Y/m/d"?></pubdate>
|
2004-02-14 19:06:39 +01:00
|
|
|
|
|
|
|
|
|
<copyright>
|
|
|
|
|
<year>2003</year>
|
|
|
|
|
|
2004-04-05 23:13:45 +02:00
|
|
|
|
<year>2004</year>
|
|
|
|
|
|
2004-02-14 19:06:39 +01:00
|
|
|
|
<holder>Thomas M Eastep</holder>
|
|
|
|
|
</copyright>
|
|
|
|
|
|
|
|
|
|
<legalnotice>
|
|
|
|
|
<para>Permission is granted to copy, distribute and/or modify this
|
|
|
|
|
document under the terms of the GNU Free Documentation License, Version
|
|
|
|
|
1.2 or any later version published by the Free Software Foundation; with
|
2023-01-19 23:17:25 +01:00
|
|
|
|
no Invariant Sections, no Front-Cover Texts, and no Back-Cover
|
2004-02-14 19:06:39 +01:00
|
|
|
|
Texts. A copy of the license is included in the section entitled
|
2007-06-28 22:41:32 +02:00
|
|
|
|
<quote><ulink url="GnuCopyright.htm">GNU Free Documentation
|
|
|
|
|
License</ulink></quote>.</para>
|
2004-02-14 19:06:39 +01:00
|
|
|
|
</legalnotice>
|
|
|
|
|
</articleinfo>
|
|
|
|
|
|
2007-06-28 22:41:32 +02:00
|
|
|
|
<section id="Quotes">
|
2004-02-14 19:06:39 +01:00
|
|
|
|
<title>What Users are saying...</title>
|
|
|
|
|
|
2004-08-07 04:13:32 +02:00
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>AS, Poland</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>I want to say that Shorewall documentation is the best
|
2007-06-28 22:41:32 +02:00
|
|
|
|
I've ever found on the net. It's helped me a lot in understanding how
|
|
|
|
|
network is working. It is the best of breed. It contains not only
|
|
|
|
|
Shorewall specific topics with the assumption that all the rest is well
|
|
|
|
|
known, but also gives some very useful background information. Thank you
|
|
|
|
|
very much for this wonderful piece of work. </emphasis></para>
|
2004-08-07 04:13:32 +02:00
|
|
|
|
</blockquote>
|
|
|
|
|
|
2004-02-14 19:06:39 +01:00
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>ES, Phoenix AZ, USA</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>I have fought with IPtables for untold hours. First I
|
2005-11-24 20:22:48 +01:00
|
|
|
|
tried the SUSE firewall, which worked for 80% of what I needed. Then
|
2004-02-14 19:06:39 +01:00
|
|
|
|
gShield, which also worked for 80%. Then I set out to write my own
|
|
|
|
|
IPtables parser in shell and awk, which was a lot of fun but never got
|
|
|
|
|
me past the <quote>hey, cool</quote> stage. Then I discovered Shorewall.
|
|
|
|
|
After about an hour, everything just worked. I am stunned, and very
|
|
|
|
|
grateful</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
2004-04-05 23:13:45 +02:00
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>SE, California, USA</attribution>
|
|
|
|
|
|
2007-06-28 22:41:32 +02:00
|
|
|
|
<para><emphasis>In two words, I'd call Shorewall "brilliant simplicity".
|
|
|
|
|
Define general rules of what it is you want to do, and let the software
|
|
|
|
|
determine the specific rules on how to implement it. It's great only
|
|
|
|
|
having to define specific rules for specific instances. I have a much
|
|
|
|
|
higher degree of confidence in my firewall than I have had previously.
|
|
|
|
|
Thank you for Shorewall!.</emphasis></para>
|
2004-04-05 23:13:45 +02:00
|
|
|
|
</blockquote>
|
|
|
|
|
|
2004-02-14 19:06:39 +01:00
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>BC, USA</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>The configuration is intuitive and flexible, and much
|
|
|
|
|
easier than any of the other iptables-based firewall programs out there.
|
|
|
|
|
After sifting through many other scripts, it is obvious that yours is
|
|
|
|
|
the most well thought-out and complete one available.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>JL, Ohio</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>I just installed Shorewall after weeks of messing with
|
2007-06-28 22:41:32 +02:00
|
|
|
|
ipchains/iptables and I had it up and running in under 20
|
|
|
|
|
minutes!</emphasis></para>
|
2004-02-14 19:06:39 +01:00
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>JV, Spain</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>My case was almost like [the one above]. Well. instead
|
|
|
|
|
of <quote>weeks</quote> it was <quote>months</quote> for me, and I think
|
|
|
|
|
I needed two minutes more:</emphasis></para>
|
|
|
|
|
|
|
|
|
|
<itemizedlist>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para><emphasis>One to see that I had no Internet access from the
|
|
|
|
|
firewall itself.</emphasis></para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para><emphasis>Other to see that this was the default
|
|
|
|
|
configuration, and it was enough to uncomment a line in
|
|
|
|
|
/etc/shorewall/policy.</emphasis></para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</itemizedlist>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>Minutes instead of months! Congratulations and thanks
|
|
|
|
|
for such a simple and well documented thing for something as huge as
|
|
|
|
|
iptables</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>MM</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>I downloaded Shorewall 1.2.0 and installed it on
|
|
|
|
|
Mandrake 8.1 without any problems. Your documentation is great and I
|
|
|
|
|
really appreciate your network configuration info. That really helped me
|
|
|
|
|
out alot. THANKS!!!</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>B.R, Netherlands</attribution>
|
|
|
|
|
|
2007-06-28 22:41:32 +02:00
|
|
|
|
<para><emphasis>[Shorewall is a] great, great project. I've used/tested
|
|
|
|
|
may firewall scripts but this one is till now the
|
|
|
|
|
best.</emphasis></para>
|
2004-02-14 19:06:39 +01:00
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>Mario Kerecki, Toronto</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>Never in my +12 year career as a sys admin have I
|
|
|
|
|
witnessed someone so relentless in developing a secure, state of the
|
|
|
|
|
art, safe and useful product as the Shorewall firewall package for no
|
|
|
|
|
cost or obligation involved.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>SM, Germany</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>one time more to report, that your great shorewall in
|
2005-11-24 20:22:48 +01:00
|
|
|
|
the latest release 1.2.9 is working fine for me with SUSE Linux 7.3! I
|
2004-02-14 19:06:39 +01:00
|
|
|
|
now have 7 machines up and running with shorewall on several versions -
|
|
|
|
|
starting with 1.2.2 up to the new 1.2.9 and I never have encountered any
|
|
|
|
|
problems!</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>SE, US</attribution>
|
|
|
|
|
|
2007-06-28 22:41:32 +02:00
|
|
|
|
<para><emphasis>You have the best support of any other package I've ever
|
|
|
|
|
used.</emphasis></para>
|
2004-02-14 19:06:39 +01:00
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>Name withheld by request, Europe</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>Because our company has information which has been
|
2007-06-28 22:41:32 +02:00
|
|
|
|
classified by the national government as secret, our security doesn't
|
|
|
|
|
stop by putting a fence around our company. Information security is a
|
|
|
|
|
hot issue. We also make use of checkpoint firewalls, but not all of the
|
2008-08-15 07:03:24 +02:00
|
|
|
|
Internet servers are guarded by checkpoint, some of them are
|
2007-06-28 22:41:32 +02:00
|
|
|
|
running....Shorewall.</emphasis></para>
|
2004-02-14 19:06:39 +01:00
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>RM, Austria</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>thanx for all your efforts you put into shorewall - this
|
|
|
|
|
product stands out against a lot of commercial stuff i´ve been working
|
2008-08-15 07:03:24 +02:00
|
|
|
|
with in terms of flexibility, quality & support</emphasis></para>
|
2004-02-14 19:06:39 +01:00
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
|
|
|
|
<attribution>RG, Toronto</attribution>
|
|
|
|
|
|
|
|
|
|
<para><emphasis>I have never seen such a complete firewall package that
|
|
|
|
|
is so easy to configure. I searched the Debian package system for
|
|
|
|
|
firewall scripts and Shorewall won hands down.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
|
|
|
|
|
<blockquote>
|
2008-08-15 07:03:24 +02:00
|
|
|
|
<attribution>RP, Guatemala</attribution>
|
2004-02-14 19:06:39 +01:00
|
|
|
|
|
2007-06-28 22:41:32 +02:00
|
|
|
|
<para><emphasis>My respects... I've just found and installed Shorewall
|
|
|
|
|
1.3.3-1 and it is a wonderful piece of software. I've just sent out an
|
|
|
|
|
email to about 30 people recommending it. :-)</emphasis></para>
|
2004-02-14 19:06:39 +01:00
|
|
|
|
|
|
|
|
|
<para><emphasis>While I had previously taken the time (maybe 40 hours)
|
|
|
|
|
to really understand ipchains, then spent at least an hour per server
|
2007-06-28 22:41:32 +02:00
|
|
|
|
customizing and carefully scrutinizing firewall rules, I've got
|
2008-08-15 07:03:24 +02:00
|
|
|
|
shorewall running on my home firewall, with rule sets and policies that I
|
2004-02-14 19:06:39 +01:00
|
|
|
|
know make sense, in under 20 minutes.</emphasis></para>
|
|
|
|
|
</blockquote>
|
|
|
|
|
</section>
|
2008-07-07 22:42:54 +02:00
|
|
|
|
</article>
|