[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Fedora Security Policy



On Tue, 20 Jan 2009, Jorge Bras wrote:

> Hi there,
>
> in iptables config, why not, change the default forward policy to drop ?
> by default ip forwarding is off, but I think is a good practice deny
> everything by default, just in case.
>

I could be wrong on this but:

net.ipv4.ip_forward = 0

listed in 1.2 should cover that.  I'm not sure how its all designed to
work.  I just know how it seems to work.

Its probably not a bad idea to set it in both places though.

	-Mike


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]