Beginner firewall questions (for servers)
Hi, a few firewall questions below for servers that I've got after reading the TLDP Network Administration Guide:
1) Are ipfwadm and ipchains even necessary these days, now that iptables is around?
The guide describes all three, but do I lose anything by not worrying about ipfwadm and ipchains? I.e., can iptables do absolutely everything that the other two can, so that I don't have to waste time learning all three?
2) What do 'firewall programs' such as APF, www.shorewall.net, and other things do that iptables cannot? Don't those kinds of programs just translate more user-friendly instructions that you give them into iptables configuration rules?
If so, then why would anyone want to use one of those other programs when iptables essentially does the same thing? Is the only reason that it is simpler to configure?
3) Is iptables really that difficult to use that so many of these other firewall programs exist? Or is there some other reason, or something I'm missing in terms of the limitations of iptables that these other programs make up for?
4) What is the need for hardware firewalls or non-Linux-specific software firewalls when you have programs like iptables? What I mean by non-Linux-specific software firewalls are those programs that don't alter iptables configuration rules for you like the ones described above do.
I'm confused as to the need for things like iptables, hardware firewalls, AND software firewalls when it seems that any one of the three could do the trick? Does the answer have something to do with server clusters or something like that...even so, does it have any bearing on this issue?
Thanks for reading, hope my questions make sense. Be as detailed as you'd like in responding.