[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: init.d startup sequence for shorewall



On Fri, Dec 13, 2002 at 09:25:02AM +0100, Javier Fern?ndez-Sanguino Pe?a wrote:
> On Thu, Dec 12, 2002 at 04:18:17PM -0500, Raymond Wood wrote:
> > There have been several responses to Yogesh's question, but none
> > of them provide a clear and straightforward answer.  
> 
> Ok. Let me try again: this is a security risk. 
> 
> A gateway firewall _needs_ to be setup the following way:
> 
> 0.- setup a default DROP policy, flush all policies
> 1.- startup network interfaces (but w/o forwarding)
> 2.- setup proper firewall rules
> 3.- enable forwarding

/etc/network/interfaces

	pre-up

-- 
Pav
                                 ,.,
                               ,``:'',
That your internet traffic is  {o ! o}  My GPG/PGP key is now available at
vulnarable is NOT only a joke! ] -+- [  x-hkp://search.keyserver.net:11371.
                                \ ! /
                                 `-'

`shell$ gpg --keyserver x-hkp://search.keyserver.net:11371 --recv-key 164C028F`

Attachment: pgp3BZMsjE7tg.pgp
Description: PGP signature


Reply to: