Re: Package idea, Debian-Firewall.
On Wed, Oct 13, 2004 at 11:39:29AM +0200, Javier Fernández-Sanguino Peña wrote:
> On Wed, Oct 13, 2004 at 06:13:36AM +0200, nicklas (smurfd) wrote:
> > Hey Debian-devels!
> >
> > I have had a package idea, for a long time now. The idea, was a
> > package, containing a "Flush-all" firewall script. Adding this script to
> > be ran at bootup. Just for the simplicity. I tend to keep forgetting to
> > add it myself.
>
> You could actually try to convince the iptables maintainer to allow users
> to set this kind of "deny all" setup in postinst through debconf. It should
> be rather easy to do actually, since you just have to execute an iptables
> script (similar to what you provided) and run '/etc/init.d/iptables save'.
> I tried to do this a while back without any success (see #212692).
>
Indeed currently iptables rules need to be loaded with pre-up scripting
in /etc/network/interfaces. Old init.d scripts are deprecated and not
installed at all.
> There are a lot of ways to setup a firewall in Debian [1] I rather not have
> yet another package to do this.
>
Agree.
--
Francesco P. Lovergine
Reply to: