On Wednesday 14 July 2004 5:48 pm, Hudson Delbert J Contr 61 CS/SCBN wrote: > what are you talking about proofread...i didnt preface anything or put that > subject: there No, that was the subject on the original email requesting people to proofread the attached script. I did not suggest that you had changed the subject - I was simply wondering what it was you had responded to (the request to proofread something) if you hadn't seen the script containing the ruleset. > so get your facts straight about who saw what on what thread...dont > ass-u-me you know what anybody may have read. I am now well aware that you did not see the original script, since you said so in your last posting. That is why I just attached it again in my last posting, so that you could see it this time. The only assumption I made previously was that you saw the same email on the list as I did, which seems perfectly sensible to me, however I was quite happy to be corrected on this when you pointed it out. > send it inline...our filters are VERY GOOD.....must of stripped'em. Why do you describe filters which strip out something you would have benefited from seeing as "very good"? I regard a false positive (security measures catching something inappropriately) as worse than a false negative (letting through something which should ideally have been caught). At least in the latter case, there is an opportunity to catch it somewhere else in the system. In the former case, you may never even get to know about it... Oh, and by the way, please could you stop top-posting on this list? Thanks, Antony. > -----Original Message----- > From: netfilter-admin@xxxxxxxxxxxxxxxxxxx > [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of Antony Stone > Sent: Wednesday, July 14, 2004 9:25 AM > To: 'netfilter' > Subject: Re: Proofreading > > On Wednesday 14 July 2004 5:10 pm, Hudson Delbert J Contr 61 CS/SCBN wrote: > > where is the ruleset. never saw it in any message traffic. > > It was attached to the original request for people to proofread it (if you > didn't see the script, what did you proofread!?). 4.6k textfile called > rc.iptables > > I've attached it again to this email so you can see it (I hope others on > the > > list don't mind the duplicate posting - it's not a very long script...) > > Regards, > > Antony. > > > -----Original Message----- > > From: netfilter-admin@xxxxxxxxxxxxxxxxxxx > > [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx]On Behalf Of Antony Stone > > Sent: Wednesday, July 14, 2004 5:13 AM > > To: netfilter > > Subject: Re: Proofreading > > > > On Wednesday 14 July 2004 1:00 pm, Erik Wikström wrote: > > > On Tue, Jul 13, 2004 at 04:19:57PM -0700, Hudson Delbert J Contr 61 > > > > CS/SCBN > > > > wrote: > > > > X...ports 6k --> at least 6100 > > > > rpc... > > > > nfs > > > > > > > > shall i go on. > > > > > > Please do. > > > > I don't quite understand this. Perhaps Hudson has not noticed the > > default > > > DROP policy in Erik's ruleset? > > > > Regards, > > > > Antony. -- Normal people think "If it ain't broke, don't fix it". Engineers think "If it ain't broke, it doesn't have enough features yet". Please reply to the list; please don't CC me.
