On Wed, Oct 13, 2004 at 06:13:36AM +0200, nicklas (smurfd) wrote: > Hey Debian-devels! > > I have had a package idea, for a long time now. The idea, was a > package, containing a "Flush-all" firewall script. Adding this script to > be ran at bootup. Just for the simplicity. I tend to keep forgetting to > add it myself.
You could actually try to convince the iptables maintainer to allow users to set this kind of "deny all" setup in postinst through debconf. It should be rather easy to do actually, since you just have to execute an iptables script (similar to what you provided) and run '/etc/init.d/iptables save'. I tried to do this a while back without any success (see #212692). There are a lot of ways to setup a firewall in Debian [1] I rather not have yet another package to do this. Regards Javier [1] http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html#s-firewall-setup
signature.asc
Description: Digital signature
