Joseph L. Casale wrote:
When I installed CentOS, I disabled the firewall (both iptables
> and ip6tables service were left running though). How does shorewall
interact with upstreams iptables configuration? Would it always overwrite
> anything configured with its own configuration once started?
Yes -- assuming that Shorewall is started after the other firewall. But you should always disable your distribution's default firewall when installing Shorewall.
How is system security handled while booting, when does shorewall
> start protecting the machine during boot?You can answer that question yourself -- look at your init script configuration. But normally, Shorewall starts after networking but before any Internet-accessible services.
Is there a period of time when the machine may be unprotected?
That depends on the answer to the previous question. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
