[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Package idea, Debian-Firewall.

On Wed, Oct 13, 2004 at 11:39:29AM +0200, Javier Fernández-Sanguino Peña wrote:
> On Wed, Oct 13, 2004 at 06:13:36AM +0200, nicklas (smurfd) wrote:
> > Hey Debian-devels!
> > 
> > I have had  a package idea, for a long time now. The idea, was a
> > package, containing a "Flush-all" firewall script. Adding this script to
> > be ran at bootup. Just for the simplicity. I tend to keep forgetting to
> > add it myself.
> 
> You could actually try to convince the iptables maintainer to allow users 
> to set this kind of "deny all" setup in postinst through debconf. It should 
> be rather easy to do actually, since you just have to execute an iptables 
> script (similar to what you provided) and run '/etc/init.d/iptables save'.
> I tried to do this a while back without any success (see #212692).
> 

Indeed currently iptables rules need to be loaded with pre-up scripting
in /etc/network/interfaces. Old init.d scripts are deprecated and not
installed at all. 

> There are a lot of ways to setup a firewall in Debian [1] I rather not have 
> yet another package to do this.
> 

Agree.


-- 
Francesco P. Lovergine
Reply to: