[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Kernel options - how to determine which are needed?



Arnt Karlsen wrote:
.._I_ would add everything in netfilter/iptables and remove ipchains
support, and make use of iptables statefullness features, up high in
in my rule lists, seatch netfilter.org mailing lists for samples of
" -j ALLOW RELATED,ESTABLISHED " in action.

Well, that's a given. The other part of the reason for a new kernel is to get iptables support in there so I can get Shorewall up on that machine. Just makes me nervous not knowing what options I can drop on a machine I have no physical access to. :/

--
         Steve C. Lamb         | I'm your priest, I'm your shrink, I'm your
       PGP Key: 8B6E99C5       | main connection to the switchboard of souls.
-------------------------------+---------------------------------------------

Attachment: pgp1KlZ04E1fZ.pgp
Description: PGP signature


Reply to: