Hosting Provided By

Re: Why not have firewall rules by default?

From: Thomas Damgaard <thomasdn(at)gmail.com>
Date: Wed Jan 23 2008 - 10:37:15 EST

On Jan 23, 2008 4:19 PM, William Twomey <william.twomey@gmail.com> wrote:
> One solution could be to have a folder called /etc/security/iptables
> that contains files that get passed to iptables at startup (in the same
> way /etc/rc2.d gets read in numeric order). So you could have files like
> 22ssh, 23ftp, etc. with iptable rules in each file. You could also have
> an 'ENABLED' variable like some files in /etc/default have (so that
> ports wouldn't be opened by default; the user would have to manually
> enable them for the port to be opened).
>
> Then they'd just run /etc/init.d/iptables restart and the port would be
> opened (flush the rules, reapply).

I think this would be a great feature!

-- 
Med venlig hilsen/Kind regards
Thomas Damgaard Nielsen
http://thomasdamgaard.dk


-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Wed Jan 23 10:39:21 2008

This message: [ Message body ]
Next message: Michael Loftis: "Re: Why not have firewall rules by default?"
Previous message: William Twomey: "Why not have firewall rules by default?"
In reply to: William Twomey: "Why not have firewall rules by default?"
Next in thread: Michael Loftis: "Re: Why not have firewall rules by default?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 06:55:21 EDT