[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Latest Mandrake

>>"Toni" == Toni Mueller <deb-l@tonimueller.org> writes:

 Toni> ipmasq has shot me in the leg by munging my hand-crafted
 Toni> firewall rules so often and in inexplicable ways that I
 Toni> consider it to be a misfeature in the first place.

	Really? ipmasq sets up a set of ``official'' rules, which can
 be overridden individually by the local sysadmin. Indeed, the major
 design feature was to have it so the the runles included in the
 package do not iver ride the local rules, and the fact that you clain
 it has munged your hand crafted rules not once, but several times,
 indicates you do not understand how to use the package. 

	The fact that it has happened several times seems incredible,
 given that you are supposed to be in charge of security of your
 installation.

 Toni> I also was not able to figure out how it works in a reasonable
 Toni> amount of time...

	What is so hard to understand about it running all shell
 scripts in a dir, using the .def version unless a .rule version is
 present? (the .def stands for default; if you create a file wth the
 same name but a .rule suffix your script is the one run). 

 Toni> You are the first user I meet who claims that ipmasq is
 Toni> useable.

	It is not the most rocket science rules package, but I would
 not have thought that a security expert would find it hard to fathom.

	manoj
-- 
 A sadist is a masochist who follows the Golden Rule.
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C
Reply to: