[techtalk] GUI frontend for ipchains (Firewalling for Dummies :)

[Caitlyn Maire Martin]

Hi, everyone,

I'm in hot, sweltering Atlanta this week, setting up a couple of Linux
firewalls for a client, one in their development environment and one in their
colocated production environment.  Everything works and the production firewall
goes live tomorrow.  Of course, there is a catch...

The client here doesn't have a really technical savvy person, and the guy who
acts as their sysadmin is a total Linux newbie with a pure Windows background. 
Fortunately, he does understand basic firewall concepts and can administer
something with a Checkpoint-like GUI front end.  easyfw would be perfect for
this if we were doing some straightforward IP masquerading.  Of course, we're
not.

The client has several Citrix Metaframe servers which need to live behind the
firewall.  I've got the docs on how to do this with ipchains, and it works. 
(It's actually ipmasqadm, but that's not relevant here.)  The problem comes
about when they need to add new servers.  Naturally, I'm having to do multiple
redirects, and I have not seen a GUI front end to ipchains that supports this. 
I haven't even seen one that supports multiple networks.  easyfw certainly
doesn't.

Does anyone know of a more comprehensive GUI front-end for ipchains that would
support this?  Worst comes to worst I can walk the client's admin through
manually editing with a text editor, but nobody is really comfortable with
this.  If not any alternate free Linux firewall suggestions?  

Since I'm leaving tomorrow evening, this is really kind of urgent.  Any help
y'all can give will be gratefully appreciated.

Best,
Caity