| 1 |
However, as far as I know, iptables is perfectly happy creating rules for non-existent |
| 2 |
interfaces. Of course this can have changed, but when I first learned to use iptables |
| 3 |
the doc specifically sugested setting up iptables rules before bringing up the network. |
| 4 |
By the way, this is what I do at my firewall (allthough it runs debian, not gentoo), |
| 5 |
first starting iptables and then networking. Probably it's paranoid, but that way there |
| 6 |
is not even a theoretical possibility of an unsecure window during boot (for example, |
| 7 |
if a misconfiguration brings up a vulnerable service before the firewall is up). |
| 8 |
|
| 9 |
/Staffan Emrén |
| 10 |
|
| 11 |
-- |
| 12 |
Societas Archaeologica Upsaliensis |
| 13 |
018 - 10 79 30 www.sau.se |
| 14 |
|
| 15 |
|
| 16 |
-- |
| 17 |
gentoo-security@g.o mailing list |
Archives