Leythos,
Thank you for the speedy response.
> Some small firewall appliances don't have as many features/rules/etc as
> the larger units.
Do you mean the number of rules set in the appliance could be limited?
IPTABLES does not have any limits on how many routing rules one can encode
(at least, I've never run into any constraints). If so, we may have a
problem, with about 100 rules in our current firewall.
Or are you talking about some syntax limitations?
Alex.
"Leythos" <void@nowhere.lan> wrote in message
news:JDmXf.68231$9I5.4499@tornado.ohiordc.rr.com...
> In article <HimXf.38145$jf2.34367@twister.nyroc.rr.com>,
> NOBODY@NOSPAM.COM says...
> > We are contemplating a move from the IPTABLES firewall to a firmware-based
> > one. I've never used SonicWall (the proposed replacement). Could anyone tell
> > me if this is an adequate substitute for the Linux-based f/w?
> >
> > Currently, our small LAN (under 10 computers) is protected by a Linux
> > machine with IPTABLES that is used to route incoming connections from
> > trusted IP addresses to a host running a Java-based server. Some of the
> > connections are directed to other hosts, based on the destination port
> > number. Incoming connections occur on ports 80 (Web server), 422 (SSL), 1099
> > (RMI registry), and a variety of other ports (the external IP address of the
> > firewall is static). There is also some NAT involved.
> >
> > All this is scripted in the IPTABLES rules, and I wonder if the
> > firmware-based firewall/router will be capable of providing similar
> > functionality.
> >
> > Your advice will be greatly appreciated.
>
> Most of the real Firewall Appliances can easily replace a nix solution,
> but you need to make sure that you get enough of an appliance that your
> rules/solution does what you need.
>
> Some small firewall appliances don't have as many features/rules/etc as
> the larger units.
>
> --
>
> spam999free@rrohio.com
> remove 999 in order to email me
Received on Mon May 1 01:03:49 2006