[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: init.d startup sequence for shorewall

On Tue, 2002-12-10 at 22:05, Gene wrote:
> can you elaborate on your question, since you're using the box as a 
> firewall, this particular service should be up first to ensure that your 
> perimeter is in check..  also, if this is your gateway host, how else 
> would you get your internal network to go outside?
> i really didn't understand your question, so if you could elaborate on 
> what you want to do or your concern, i would be happy to reply back.
> take care,
> /gene

I am running following services on this box
firewall (shorewall)
mailserver (qmail and courier-imap)
webserver (apache)

I have http, ssh, imap and smtp ports open. eth0 internet, eth1 interal
hub (which allows 3 laptops to access internet). 

My concern/question is this:

networking comes up at S35 in runlevel 0 so my internet is up and there
is no firewall running so far. System will switch to runlevel 2 where it
will start other serverices and at S90 it will start the firewall. So
for this short time between S35networking and S90shorewall my system is
not protected at all, this is my concern and question is "isn't this a
security risk ?"



Yogesh Sharma <ysharma@catprosystems.com>

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: