[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Please critique my iptables-based firewall

On May 22, Rob Weir wrote:
> I'm not an iptables expert, but I would suggest that  this should be
> the very last thing in the script, after all the rules have been set
> up.  Otherwise you've created a race condition that could
> (conceivably) cause a lot of pain.
no no no.  All it does is set a runtime variable in the kernel to permit it
to forward TCP packets if need be.  You could say that it is nothing to do
with iptables.


/ Laugh, and the world ignores you. \
\ Crying doesn't help either.       /
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||

Attachment: pgpKFbLvsb0_h.pgp
Description: PGP signature

Reply to: