APF and Security

[drhiii]

I have not seen any posts in quite awhle concerning APF and Gentoo, but thought to take a swing at this anyway...

Anyone using APF as a freiwall wit Gentoo. Recently that is. I've grown accustomed with APF for other setups and wanted to see if APF could, would should fly within Gentoo too.

Or, those familiar with APF, what would be an alternative recommendation to harden Gentoo?

Any thoughts would be most appreciated.

drhiii

[Hu]

I am not quite sure how the MS ASIA-PAC FUND, the Naples Municipal Airport, the American Pain Foundation, or the American Porphyria Foundation can be used to secure Gentoo.

Gentoo/Linux uses the Linux kernel netfilter for a firewall. Netfilter is typically controlled via iptables and ip6tables. Gentoo/BSD uses the BSD packet filtering support. You can also harden Gentoo by using the hardened toolchain, enabling an RBAC system, and using sys-kernel/hardened-sources.

[drhiii]

http://rfxnetworks.com/apf.php

Been using this for three years. Does a very nice job. Not any of the names you suggest which is of course, stating jokingly, I hope.

To return the joking style, am just starting to assist someone who is running a Gentoo based server and am I wrong in seeing a somewhat archaic structure? Am a bit surprised to see relative unsupport for some of the most basic things.

[Hu]

APF appears to be yet another front-end for iptables, so there is no reason it should not work on Gentoo Linux. Compile in support for Netfilter, emerge net-firewall/iptables, and give it a try.

For your second question, there is not enough information to answer it. What basic features do you find lacking?