On Fri, Feb 08, 2002 at 07:51:43PM +0100, martin f krafft wrote: > also sprach Gareth Bowker <tgb96@aber.ac.uk> [2002.02.07.1017 +0100]: > > If you're worried about missing stuff out, you could start with a firewall > > that defaults everything to DROP and go from there... > > good point. any-any-any-DROP is what i call the base firewall. there > is *no* argument for a firewall that's based on anything but this > essential rule. there *should* also be a rule any-any-any-LOG right > before. Hopefully with a limit option. -- Florian Friesdorf <42ff@gmx.net> OpenPGP key available on public key servers ------> Save the future of Open Source <------ -> Online-Petition against Software Patents <- ------> http://petition.eurolinux.org <-------
Attachment:
pgpKLuhPwBjIO.pgp
Description: PGP signature