<div dir="ltr">Wow, I'd never seen Firehol before. I really like that.<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Mar 29, 2016 at 6:08 PM, David L. Anselmi <span dir="ltr"><<a href="mailto:anselmi@anselmi.us" target="_blank">anselmi@anselmi.us</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">Charles Burton wrote:<br>
> I agree with Shawn. Generally using PFSense or IPFire on my edge(I switch<br>
> between the two depending on how irritated they make me) and for hosts I<br>
> use salt to manage the firewalls. It has a nice module built in<br>
> <a href="https://docs.saltstack.com/en/latest/ref/states/all/salt.states.iptables.html" rel="noreferrer" target="_blank">https://docs.saltstack.com/en/latest/ref/states/all/salt.states.iptables.html</a><br>
<br>
</span>I'll look at the salt stuff.<br>
<br>
I realized I'd used firehol once before and that looks like it fits the bill pretty well. Docs could<br>
be better but it's simpler than firewalld. But we'll see what happens when I try to replace<br>
firewalld on RHEL with firehol.<br>
<div class="HOEnZb"><div class="h5"><br>
Dave<br>
_______________________________________________<br>
clue mailing list: <a href="mailto:clue@cluedenver.org">clue@cluedenver.org</a><br>
For information, account preferences, or to unsubscribe see:<br>
<a href="http://cluedenver.org/mailman/listinfo/clue" rel="noreferrer" target="_blank">http://cluedenver.org/mailman/listinfo/clue</a><br>
</div></div></blockquote></div><br></div>