Everyone knows about netfilter/iptables. Unfortunately, managing a security policy with it remains a non-trivial task for several reasons. What is needed is a tool that lets an administrator define the security policy on a higher level of abstraction and hide the internal structure of the target firewall platform.
Full story »
