
Re: firewall script



> Henry Hollenberg writes:
> > dpkg -i `find . -name "libc5_*.deb"`
> > dpkg -i `find . -name "libc5-dev_*.deb"`
> > ...
> 
> Why all these old packages? Do you use bo? I don't think this is a good idea
> for a firewall.

I was striving to automate the install of a working firewall using Debian 
and ran into problems even getting 2.0 up and running....so I figured I would
R&D the thing and work out all sorts of issues (DNS, Mailhub, proxies etc) on
1.3.1 and then migrate to 2.0 when 2.0 was a smooth install.

> > dpkg -i `find . -name "dpkg-dev_*.deb"`
> > dpkg -i `find .. -name "electric-fence_*.deb"`
> > dpkg -i `find . -name "gcc_*.deb"`
> > dpkg -i `find . -name "gdb_*.deb"`
> > dpkg -i `find . -name "kernel-source-2.0.30_*.deb"` <<EOF
> > Henry Hollenberg
> > speed@barney.iamerica.net
> > EOF
> 
> Why do you need all these development packages? Okay, if you want to compile
> your own kernel you need some, but not dpkg-dev, gdb and electric-fence.

Most seemed to be required as dependencies for perl and tcl....the beauty of
doing it with an install, build-configure and strip as an automated routine
is you can throw all the libraries and tools in there you want....on the 
front side and then have your strip routines remove them once the firewall
is built.

> 
> Besides, 2.0.30 is vulnerable by a teardrop attack.

I was planning on using 2.0.33 but the latest one on the 1.3.1 CD-Rom
was 2.0.30 :-(, still haven't figured out how I'm going to handle that
issue...I guess have the install do an ftp....


> 
> > dpkg -i `find . -name "patch_*.deb"`

I can't remember right off what needed this one....I guess that points out
another issue: keeping a list of depended-on-by's on each package.

I've got a lot more time to work on the project this coming week so expect
to be finished with my first time thru on setting up and automating the
major components then.  After that will come refinements and polishing and
a whole bunch of critique I'm sure.


Thanks for the input.....it's vital.    hgh

> 
> Same question again: Why this?
> 
> Michael
> 
> -- 
> Dr. Michael Meskes, Project-Manager    | topsystem Systemhaus GmbH
> meskes@topsystem.de                    | Europark A2, Adenauerstr. 20
> meskes@debian.org                      | 52146 Wuerselen
> Go SF49ers! Go Rhein Fire!             | Tel: (+49) 2405/4670-44
> Use Debian GNU/Linux!                  | Fax: (+49) 2405/4670-10
> 
> 
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

