New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
iptables
No need for fancy front ends, it's really easy.
Csf will work just fine in an OpenVZ container... if your provider set up the node properly. csf comes with a environment test script that you could run and find out whether or not it will work.
Just make sure you don't enable country-based filtering. If your provider set iptables limits properly per container then enabling this will most likely start dropping all traffic. Otherwise your provider will be very unhappy about it.
thanks alot .
CSF. OpenVZ VPSes from @RAMNODE work.
csf isn't a firewall ._.
Well it stands for Configserver Firewall IIRC...
I just didn't want to be the first to say it...thank you.
Well ufw is not a firewall either.
If we have to go that far, iptables is not a firewall either
They're both iptables front ends. They're front ends for a front end. It's like simplification of simplification. It's a bit overkill
However it make life easier .It's more simple and intuitive. Compare to linux distros ,less people would use gentoo, or even lfs . so that's it .
How about apf...?
firewall behaves differently on each host
Why would that be the case...? Or are you referring that the firewall would behave differently depending on how much load it's operating under?
There is dependency on what module were loaded in kernel of host. So sometimes your iptables config in a specific host will not work with another.
Ahh yes, yes, dependent on what module was loaded, I concur.