On Wed, Oct 13, 2004 at 11:39:29AM +0200, Javier Fernández-Sanguino Peña wrote: > On Wed, Oct 13, 2004 at 06:13:36AM +0200, nicklas (smurfd) wrote: > > Hey Debian-devels! > > > > I have had a package idea, for a long time now. The idea, was a > > package, containing a "Flush-all" firewall script. Adding this script to > > be ran at bootup. Just for the simplicity. I tend to keep forgetting to > > add it myself. > > You could actually try to convince the iptables maintainer to allow users > to set this kind of "deny all" setup in postinst through debconf. It should > be rather easy to do actually, since you just have to execute an iptables > script (similar to what you provided) and run '/etc/init.d/iptables save'. > I tried to do this a while back without any success (see #212692). >
Indeed currently iptables rules need to be loaded with pre-up scripting in /etc/network/interfaces. Old init.d scripts are deprecated and not installed at all. > There are a lot of ways to setup a firewall in Debian [1] I rather not have > yet another package to do this. > Agree. -- Francesco P. Lovergine
