However, as far as I know, iptables is perfectly happy creating rules for non-existent
interfaces. Of course this may have changed, but when I first learned to use iptables
the doc specifically suggested setting up iptables rules before bringing up the network.
By the way, this is what I do at my firewall (although it runs Debian, not Gentoo),
first starting iptables and then networking. Probably it's paranoid, but that way there
is not even a theoretical possibility of an unsecure window during boot (for example,
if a misconfiguration brings up a vulnerable service before the firewall is up).

/Staffan Emrén

--
Societas Archaeologica Upsaliensis
018 - 10 79 30 www.sau.se

--
gentoo-security@g.o mailing list