[3561] in linux-net channel archive
Re: Default Forwarding Policies
daemon@ATHENA.MIT.EDU (lilo)
Mon Jul 1 23:46:45 1996
From: lilo <TaRDiS@mail.utexas.edu>
Date: Mon, 1 Jul 1996 17:54:11 -0500 (CDT)
To: Linux Net Mailing List <linux-net@vger.rutgers.edu>
In-Reply-To: <199607011508.IAA02940@dandelion.com>
On Mon, 1 Jul 1996, Leonard N. Zubkoff wrote:
> About the window during the boot phase: as long as you put the
> ipfwadm commands _before_ the ifconfig commands (which is possible,
> even using device names, etc.), there is no serious risk (except when
> ipfwadm crashes, but even that could be catched by checking the
> default policy before doing the ifconfig commands).
>
> Good point. I didn't realize it was legal to install the firewall rules before
> ifconfig was executed.
Eeps, sorry. Good point. It's also helpful that when you flush a set of
rules, it doesn't flush the default setting.
lilo
