BTP wrote: > Hello, > > I'm trying to set up a firewall using iptables, and i ran across some > documentation which recommends disabling the network altogether during > boot time until our firewall script is loaded. > > Some of this implementation's commands included: > > Block ICMP redirects > for CONF in /proc/sys/net/ipv4/conf/*/accept_redirects; do > echo 0 > $CONF > done > > # Block IP Source Routing > for CONF in /proc/sys/net/ipv4/conf/*/accept_source_route; do > echo 0 > $CONF > done > > # Block IP spoofing > for CONF in /proc/sys/net/ipv4/conf/*/rp_filter; do > echo 1 > $CONF > > Does anyone have any suggestions, maybe some that would be better > suited for Debian?? > > Bart >
Use shorewall. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~roberto
signature.asc
Description: OpenPGP digital signature
