Re: Package idea, Debian-Firewall.

["nicklas (smurfd)" <smurfd@smurfnet.homelinux.net>]

ons 2004-10-13 klockan 11.39 skrev Javier Fernández-Sanguino Peña:
> On Wed, Oct 13, 2004 at 06:13:36AM +0200, nicklas (smurfd) wrote:
> > Hey Debian-devels!
> > 
> > I have had  a package idea, for a long time now. The idea, was a
> > package, containing a "Flush-all" firewall script. Adding this script to
> > be ran at bootup. Just for the simplicity. I tend to keep forgetting to
> > add it myself.
> 
> You could actually try to convince the iptables maintainer to allow users 
> to set this kind of "deny all" setup in postinst through debconf. It should 
> be rather easy to do actually, since you just have to execute an iptables 
> script (similar to what you provided) and run '/etc/init.d/iptables save'.
> I tried to do this a while back without any success (see #212692).
> 
> There are a lot of ways to setup a firewall in Debian [1] I rather not have 
> yet another package to do this.
> 
> Regards
> 
> Javier
> 
> 
> [1] 
> http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html#s-firewall-setup

That Do make abit more sense, i must admit. 
Ill drop him a mail, see what he says :)
Yeah, either a "drop all" rule, or load a firewall script, you got
already on your disk or on a floppy/cd.

regards 

nicklas