Last week's techmail was Use APF to manage your firewall which takes a look at using the APF (Advanced Policy Firewall) set of scripts to configure an iptables-based firewall on Linux. I was always a big Shorewall user; used it on my servers whether they ran Mandriva or Annvix. Recently I've been fiddling with /etc/sysconfig/iptables directly on Red Hat Enterprise Linux and CentOS, but I got wind of APF because that is what is installed on my VPS (had never heard of it before). This little gem is making me rethink my recommendations of using Shorewall because it's easier to configure and much more straightforward when it comes to defining the firewall rules. It may be lacking in some feature areas that Shorewall has, but I've not found anything lacking in it yet. The techmail gives a quick primer on how to get it installed and configured.