Package: firehol
Version: 1.214-2
Severity: normal
During boot, firehol doesn't set iptables policy to DROP:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
However, when I log in as root and do /etc/init.d/firehol restart,
with exactly the same /etc/firehol/firehol.conf, the result is
different:
Chain INPUT (policy DROP 0 packets, 0 bytes)
Chain FORWARD (policy DROP 0 packets, 0 bytes)
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
If I understand the generated rules correctly, this is not a terrible
issue, because there is an explicit DROP at the end of each table.
However, it really looks bad.
Regards,
Hanus Adler
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.9-1-686
Locale: LANG=cs_CZ, LC_CTYPE=cs_CZ (charmap=ISO-8859-2)
Versions of packages firehol depends on:
ii bash 3.0-14 The GNU Bourne Again SHell
ii bc 1.06-17 The GNU bc arbitrary precision cal
ii iproute 20041019-3 Professional tools to control the
ii iptables 1.2.11-10 Linux kernel 2.4+ iptables adminis
ii net-tools 1.60-10 The NET-3 networking toolkit
-- no debconf information
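The comparison made in the report above can be automated. The following is an added example, not part of the original message and not firehol code. It reads `iptables -L -n -v` or `iptables -S` output and lists every built-in chain whose default policy is not DROP. The function names are hypothetical and the sample input is constructed from the chain headers quoted in the report.

```shell
#!/bin/sh
# Added example: report built-in chains whose default policy is not DROP.
# Reads `iptables -L -n -v` or `iptables -S` output on stdin.
# Function names are hypothetical, not part of firehol or iptables.

non_drop_chains() {
    awk '
        # iptables -L format: Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
        $1 == "Chain" && $3 == "(policy" {
            pol = $4; sub(/\)$/, "", pol)   # without -v the field is "ACCEPT)"
            if (pol != "DROP") print $2 "=" pol
            next
        }
        # iptables -S format: -P INPUT ACCEPT
        $1 == "-P" && $3 != "DROP" { print $2 "=" $3 }
        # User-defined chains ("Chain foo (2 references)") have no policy
        # and match neither pattern, so they are ignored.
    '
}

# Succeeds only when every built-in chain on stdin has policy DROP.
policies_are_drop() {
    bad=$(non_drop_chains)
    [ -z "$bad" ]
}

# Constructed sample input: the chain headers quoted in the report.
BOOT_STATE='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)'

RESTART_STATE='Chain INPUT (policy DROP 0 packets, 0 bytes)
Chain FORWARD (policy DROP 0 packets, 0 bytes)
Chain OUTPUT (policy DROP 0 packets, 0 bytes)'

printf '%s\n' "$BOOT_STATE" | non_drop_chains
printf '%s\n' "$RESTART_STATE" | policies_are_drop && echo "all policies DROP"
```

On a live system the input would come from `iptables -L -n -v` run as root after boot, for example from a late init script that logs any non-DROP chain.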