James O'Gorman · May 27, 2013 · 4:17 PM UTC

James O'Gorman @jogbert

27 May 2013

Whenever I touch a Linux system I’m amazed that nobody’s written anything better than iptables yet.

Daniel Silverstone 💉💉💉💉² 🏳️‍🌈🇬🇧 · May 27, 2013 · 4:23 PM UTC

Daniel Silverstone 💉💉💉💉² 🏳️‍🌈🇬🇧 · May 27, 2013 · 4:23 PM UTC

27 May 2013

Replying to @jogbert

@jogbert It's horrible. Yet I rarely have to touch it. ufw does fine for laptops and simple servers, and I use firehol for complex routers.

May 27, 2013 · 4:23 PM UTC

James O'Gorman · May 27, 2013 · 4:24 PM UTC

James O'Gorman @jogbert

27 May 2013

@dsilverstone Just little things, like “log AND accept/drop” shouldn’t need to be two rules. :-(

Daniel Silverstone 💉💉💉💉² 🏳️‍🌈🇬🇧 · May 27, 2013 · 4:30 PM UTC

27 May 2013

@jogbert Mmm, OTOH it's pretty extensible/sane overall.