Re: Firewall Startup Configuration files
Jose Alberto wrote:
Check /etc/sysctl.conf
You can set anything settable under /proc/sys with this file, it is
part of the sysctl program, and it's run at startup before any runlevel
by /etc/rcS.d/S30procps (at least in sarge, woody is probably the same).
Cheers
Thanks,
I have looked around a little bit more now and I will put all my
kernel alterations into /etc/sysctl.conf except for the
`echo "1" > /proc/sys/net/ipv4/ip_forward´ since this would
generate a race condition during boot up. You know the default
stance of the iptables FORWARD table is ACCEPT.
I will add this to the /etc/default/iptables
iptables -P FORWARD -j DROP
echo "1" > /proc/sys/net/ipv4/ip_forward
This way will the system not forward packages to the hosts behind
the firewall
/Magnus
Reply to: