iptables on warty
Christoph Georgi
christoph.georgi at web.de
Mon Mar 7 06:22:02 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jim Cheetham wrote:
|
| In either case, you'll need a script that is run when the machine starts
| up - and despite comments to others about using cron's @reboot facility,
| firewalling is important enough to be done "properly", and therefore
| Kirtis suggestion is the right one. Christoph's is functionally
| identical, too - although I would prefer to see the original script
| in /etc/init.d rather than elsewhere.
|
| I suggest that you don't bother with iptables-save and iptables-restore,
| and just concentrate on automating your "iptables -A INPUT ..." script.
|
It seems that you need to have the permissions set to 0777 in the init.d
folder which makes the firewall script vulnerable as anyone can rewrite
it?! Or do I miss something?
.christoph
- --
Christoph Georgi
- -----------------------------
email. christoph.georgi at web.de
fon. +64 (0)21 049 8030
registered linux user #380268
ubuntulinux 4.10 (warty)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCK/MKgQyJJUB4UhwRAiW4AKCUkxRBmWi04zq3s9hkj3nxltjFuQCg4A9r
YTd/pVIN+g5TAg+jxYKyviA=
=A7Oq
-----END PGP SIGNATURE-----
More information about the ubuntu-users
mailing list