Re: PROPOSAL: simple masquerading and filtering firewall setup

[Raul Miller <rdm@test.legislate.com>]

Wichert Akkerman <wakkerma@wiggy.ml.org> wrote:
> Hmm, I like that. Or there could be a script in netbase to set that
> up. Shouldn't be that hard to write a whiptail-script to configure
> that.

Why a script to set it up?

netbase already has some "don't spoof my addresses when talking to me"
rules, but last time I checked it just protects 127.0.0.1, and has
commented out rules that would use `hostname -i` to protect the primary
interface address.

I can see this kind of thing implying that shell functions should be
used for common activities (so you could put into a .rl file in01_nospoof
127.0.0.1; in01_nospoof `hostname -i`; etc.), but that might be
getting over-elaborate.

-- 
Raul


--  
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org