On Tue, Dec 10, 2002 at 03:39:35PM -0800, Yogesh Sharma wrote: > > In my opinion shorewall must be started as soon as network is up. > > What does list sugguests ? Is this a security problem ?
Yes this is a security issue, if you take iptables, for example, it is run in S10. Any firewalling script should run before (or at the same time) as the network is brought up. Otherwise, you have a few moments in which you are forwarding packets (if the networking script enables it) and you are not filtering them (unless you have a default DROP policy before configuring the firewall) Regards Javi
pgpmKrVThw6ja.pgp
Description: PGP signature