
firewall init prior network init



Hello,

I'm trying to set up a firewall using iptables, and I ran across some
documentation which recommends disabling the network altogether during
boot time until our firewall script is loaded.

Some of this implementation's commands included:

# Block ICMP redirects
for CONF in /proc/sys/net/ipv4/conf/*/accept_redirects; do
	echo 0 > "$CONF"
done

# Block IP Source Routing
for CONF in /proc/sys/net/ipv4/conf/*/accept_source_route; do
	echo 0 > "$CONF"
done

# Block IP spoofing
for CONF in /proc/sys/net/ipv4/conf/*/rp_filter; do
	echo 1 > "$CONF"
done

Does anyone have any suggestions, maybe some that would be better
suited for Debian??

Bart
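
Added example, not part of the original message: a read-only check that reports every per-interface file whose value differs from what the three loops above write. The function names and the sample tree are assumptions made for illustration; the check compares raw file values only.

```shell
#!/bin/sh
# audit_ipv4_conf (hypothetical helper name): compare the three settings from
# the post against the values its loops write. The default root is the real
# /proc/sys/net/ipv4/conf; any directory with the same layout also works.
# Prints one line per mismatch; returns 0 if all match, 1 otherwise.
audit_ipv4_conf() {
    root=${1:-/proc/sys/net/ipv4/conf}
    bad=0
    for want in accept_redirects=0 accept_source_route=0 rp_filter=1; do
        key=${want%%=*}
        val=${want#*=}
        for f in "$root"/*/"$key"; do
            [ -r "$f" ] || continue      # glob matched nothing, or unreadable
            iface=$(basename "$(dirname "$f")")
            cur=$(cat "$f")
            if [ "$cur" != "$val" ]; then
                echo "$iface $key=$cur want=$val"
                bad=1
            fi
        done
    done
    return "$bad"
}

# Build a constructed sample tree (not real kernel state) for a dry run.
make_sample_tree() {
    dir=$(mktemp -d) || return 1
    for iface in all default eth0; do
        mkdir -p "$dir/$iface"
        echo 0 > "$dir/$iface/accept_redirects"
        echo 0 > "$dir/$iface/accept_source_route"
        echo 1 > "$dir/$iface/rp_filter"
    done
    # Constructed: eth0 deliberately left with two non-hardened values.
    echo 1 > "$dir/eth0/accept_redirects"
    echo 0 > "$dir/eth0/rp_filter"
    echo "$dir"
}

# Dry run on the constructed tree.
sample=$(make_sample_tree) && { audit_ipv4_conf "$sample" || true; rm -rf "$sample"; }
```

On a live host, call `audit_ipv4_conf` with no argument after the firewall script has run; a non-zero exit status means at least one interface differs.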


