Re: Firewall Startup Configuration files

To: debian-firewall@lists.debian.org
Subject: Re: Firewall Startup Configuration files
From: Magnus Sundberg <Magnus.Sundberg@dican.se>
Date: Tue, 04 Nov 2003 13:57:08 +0100
Message-id: <[🔎] 3FA7A224.9000807@dican.se>
In-reply-to: <[🔎] 3FA67ED0.2000101@iteso.mx>
References: <[🔎] 3FA65F11.6080304@dican.se> <[🔎] 3FA67ED0.2000101@iteso.mx>

Jose Alberto wrote:

 Check /etc/sysctl.conf
You can set anything settable under /proc/sys with this file, it ispart of the sysctl program, and it's run at startup before any runlevelby /etc/rcS.d/S30procps (at least in sarge, woody is probably the same).
  Cheers


Thanks,

I have looked around a little bit more now and I will put all mykernel alterations into /etc/sysctl.conf except for the`echo "1" > /proc/sys/net/ipv4/ip_forward´ since this wouldgenerate a race condition during boot up. You know the defaultstance of the iptables FORWARD table is ACCEPT.


I will add this to the /etc/default/iptables

iptables -P FORWARD -j DROP
echo "1" > /proc/sys/net/ipv4/ip_forward

This way will the system not forward packages to the hosts behindthe firewall


/Magnus

Reply to:

Follow-Ups:
- Re: Firewall Startup Configuration files
  - From: "Peter Robb" <deb@newproject.pl>

References:
- Firewall Startup Configuration files
  - From: Magnus Sundberg <Magnus.Sundberg@dican.se>
- Re: Firewall Startup Configuration files
  - From: Jose Alberto <jose-debianlists@iteso.mx>

Prev by Date: Unidentified subject!
Next by Date: Re: Firewall Startup Configuration files
Previous by thread: Re: Firewall Startup Configuration files
Next by thread: Re: Firewall Startup Configuration files
Index(es):
- Date
- Thread