Hello, firehol does not work if it is configured to protect the NFS service and if NFS is down for some reason. In that case, esp. at machine startup, the machine in question ends up having none of their desired packet filters in place, ie, everything is allowed.
I consider this as quite unexpected behaviour, and would like to see some warnings to highlight this effect. I suggest that firehol simply emits a warning that it can't configure a dynamic services if it finds that the service in question is down, but then proceeds to configure all other services that work, at least as an option. Kind regards, --Toni++ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org