Re: Red Hat 5.0 Release date
'Mark Baker wrote:'
>
>On Fri, Nov 21, 1997 at 02:27:13PM +0100, Turbo Fredriksson wrote:
>
>> Agrees, the '/etc/init.d/network' should only contain the actual network
>> up/down thingies, why not have a generic '/etc/init.d/firewall' that can be
>> started manually or if, in the install procedure:
>>
>We mustn't include /etc/init.d/firewall at boot until it is correctly
>configured. Better to make the users enable it manually.
Why? There are a few firewall rules that could go on everyone's
machine. They should be configured before the interface is brought up
(so there are no race conditions). So the firewall stuff in
/etc/init.d/network would IMO be just the very basics ... a place
holder to show users where to put this type of information. The script
should be idempotent, of course. And have start, stop and restart
arguments. Very simple. We should not prompt users about firewall
rules since anything beyond the simple anti-DOS rules are very site
specific.
--
Christopher J. Fearnley | Linux/Internet Consulting
cjf@netaxs.com | Design Science Revolutionary
http://www.netaxs.com/~cjf | Explorer in Universe
ftp://ftp.netaxs.com/people/cjf | "Dare to be Naive" -- Bucky Fuller
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: