On Mon, Mar 15, 2004 at 11:35:29PM +0000, Antony Stone wrote:
> On Monday 15 March 2004 11:18 pm, Alexander Samad wrote:
>
> > Hi
> >
> > I have attached my firewall script, basically creates a DB of rules,
> > also creates a default set of rules.
> >
> > Any comments ?
>
> It's long, it's complicated, and it contains some regexes which I don't even
> want to think about.
>
> If you get some problems, by all means post the output of "iptables -L -nvx;
> iptables -L -t nat -nvx" and tell us what the problems are, but I think this
> script is in such a nonstandard form that not many people here are going to
> spend the time looking through it and trying to see if there are any security
> holes.

Yeah true, it builds a db and you can run the script against the db to
build the tables. Usually use it on new box to create a default DB of
rules and then play from there, normal sequence

    makefirewall makeall
    makefirewall setsecurity
    makefirewall showtables | less

>
> That's my opinion, anyhow.... (happy for someone else to show I'm wrong)
>
> Regards,
>
> Antony.
>
> --
> If at first you don't succeed, destroy all the evidence that you tried.
>
> Please reply to the list;
> please don't CC me.