Simple security & firewall plugin for Webmin

Firewalls are of limited utility in a hosting environment, but Webmin does provide a comprehensive interface to iptables (and it's not a hacked together pile of shell scripting that most "firewall" products are--it actually parses and manages the standard iptables save file format, so it can build and manage any firewall that Linux can support).

There is a Simple Firewall module that Jamie wrote a while back that is more clicky than the Linux Firewall module, but it's pretty limited (in the same way that most of the other firewall scripts and GUIs out there are), so I don't necessarily recommend it. But if you're really afraid of learning how iptables works, and you will feel better having a firewall running (even if firewalls can't really do much useful on a web server), then it might be a good choice.

Note that logwatch on Red Hat-based systems already reports on all of the stuff mentioned in that CSF web page, if you just make sure your root mailbox aliases correctly to an address that you read regularly. So, reporting can be useful, and your system probably already has those reporting features, and they happen at the application layer where all the interesting data really lives.

Since it comes up a lot here in the forums, I'm going to write up a security and firewall document for the documentation page. There's way too much misinformation out there (often from people that want to sell you some security snake oil). I'll try to get that wrapped up today.