Date: Fri, 5 Oct 2001 01:18:18 -0700 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: "Toomas Aas" <toomas.aas@raad.tartu.ee>, "David Kelly" <dkelly@hiwaay.net>, <freebsd-questions@FreeBSD.ORG> Subject: RE: FreeFirewall Message-ID: <000e01c14d76$4a206040$1401a8c0@tedm.placo.com> In-Reply-To: <200110040914.f949E0F04447@lv.raad.tartu.ee>
next in thread | previous in thread | raw e-mail | index | archive | help
>-----Original Message----- >From: owner-freebsd-questions@FreeBSD.ORG >[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Toomas Aas >Sent: Thursday, October 04, 2001 2:13 AM >To: David Kelly; freebsd-questions@FreeBSD.ORG >Subject: Re: FreeFirewall > > >Hi David! > >On 3 Oct 01 at 22:13 you wrote: > >> Thought the "bloatware" concept worth noting as putting a web interface >> on top for firewall management sounds like bloat to me. Lucent has a >> pretty GUI interface for their firewalls and Pipeline routers. I hate >> it. I'll take a simple telnet session every time. To set the firewall >> rules one must use the Lucent Windows GUI tool. A FreeBSD CLI is much >> simpler for me to deal with. > >The CLI might be preferable for you and me, but the web-based >interface to firewall does have it's uses. When our network was >connected to Internet in 1997 I had very little experience with >Linux (and UNIX in general), but thanks to a firewall with >web-based user interface I was able to implement Linux firewall >with no problems at all. > >Such a firewall interface for FreeBSD would help to spread the OS >to places where people would not otherwise consider using any kind >of Unix because it is "too difficult". I think this is a Good >Thing. Except the only problem is that as you already pointed out, such a web-based firewall interface already exists for Linux. Let the folks that need the web interface to configure a firewall use that, then once they have graduated from the firewall with training wheels then things like the GUI won't be as important anymore. You yourself graduated from the toy OS Linux to the professional OS FreeBSD. Don't assume that nobody else can do it. Which is going to benefit Free Software the most? Linux with a simplistic firewall that's GUI-runnable and FreeBSD with a professional, sophisticated, complex and powerful firewall, or both OS's with simplistic firewalls that are GUI-runnable and neither OS with a professional, sophisticated, complex and powerful firewall? It's not our job to attempt to emulate the lowest common denominator (ie: Linux) Instead, we need to develop things that don't have a similar implementation in Linux. Frankly, there's some fundamental design decisions that you have to make when building firewalls that are web-based user-interfaced. One of the very first is that the web interface is aimed at people that don't know a lot - thus they will be confused if there's too many choices. Thus, you have to make the firewall simple too. In fact the entire emphasis is on formatting the GUI so that un-knowledgeable people can understand and use it. This is going right down the Microsoft Windows path where eventually 95% of the program is the UI and only 5% actually does anything. Ultimately the users are better served if one of the OS's (Linux) just concentrates on a firewall with a fancy GUI that's easily understandable, while the other OS (FreeBSD) concentrates on a firewall that has some flexibility. Why divide effort? Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000e01c14d76$4a206040$1401a8c0>