[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian equivalent of rc.firewall??

On Sun, 24 Dec 2000, Carel Fellinger wrote:

 > The problem with this is that I don't have an IP until after my outgoing
 > interface is set-up:( I get my dynamic IP through dpcpc, so how can I
 > get out this catch-22?

not neccessarily. first thing is, you can arrange your rules so that
it may be enough to use interface names only (dunno your setup there -
i'm assuming some kind of dialup connection-thingy), or second, at the
very early stages of the initialization of the system you disable all
communication that's not thru lo, in any direction. then you dial in,
get your ip, do black magic with that as you prefer, then remove the
block rules from your fwchains.

be creative :)

``And there are plenty of other innovative pieces of software such as Napster
and ICQ.'' -- comment on ``Systems Software Research is Irrelevant'' at

Reply to: