For those not familiar, Bastille is a fantastic system security tool that asks you a set of questions and recommends hardening changes to your current system. I use it to provide a nice baseline from which I can continue to harden further by hand. It also includes firewall configuration if desired by the user.
I’m currently looking at using Bastille’s firewalling config but first need to understand how I can add exceptions. I need to be able to hit the system with an iptables/ip6tables or quickly adjust a hosts.allow/hosts.deny type file; blocking specific IP or opening specific port/sourceIP combinations.
My past experience is with Shorewall and very basic iptables. Has anyone out there experience with Bastille’s firewall? Would it be better disable Bastille’s firewall rules and just use a basic iptables file?