[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: 2nd try: Was Firewall problem: Only works on a restart.



Tim wrote:

And wouldn't that mean that for at least some time, you have a network
without any firewall protecting you?

Yes, but on a host firewall or NAT firewall, there's very little risk in that. In between the network init and firewall init, there's nothing exposed (unless you're using NetworkManager... */me rolls eyes*). If you're using a system that acts as a router for a network that's not RFC1918 numbered (or using NM), I'd recommend setting up the "iptables" firewall to deny everything, and allow that to start before the network. Then configure your preferred firewall service (such as Shorewall) to start after your network interfaces.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]