firewall init prior network init
Hello,
I'm trying to set up a firewall using iptables, and i ran across some
documentation which recommends disabling the network altogether during
boot time until our firewall script is loaded.
Some of this implementation's commands included:
Block ICMP redirects
for CONF in /proc/sys/net/ipv4/conf/*/accept_redirects; do
echo 0 > $CONF
done
# Block IP Source Routing
for CONF in /proc/sys/net/ipv4/conf/*/accept_source_route; do
echo 0 > $CONF
done
# Block IP spoofing
for CONF in /proc/sys/net/ipv4/conf/*/rp_filter; do
echo 1 > $CONF
Does anyone have any suggestions, maybe some that would be better
suited for Debian??
Bart
Reply to: