[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Firewall-troubleshooting

Daniel Pittman wrote:
> ...
>>So, probably, the best way to go is allowing the R/E packets alongside their
>>"new state" counterparts. It also clarifies where the packets are accepted 
>>and WHY. Also, "iptables -v" should be a lot more useful than before.
> That was my point, basically. Thanks for actually saying it in a clear
> and comprehensible fashion.

Daniel, would you mind showing me an example of what you think is a
wise/correct/whatever use of R/E rules?

The reason i'm trying to work through all of this is that i'm a
Shorewall developer and would like to make sure it works in a way that
makes security sense to other firewall users.

Did you know?  Using Microsoft Internet Explorer can make your computer
less secure.  Find out more at <http://browsehappy.com>.

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: