On Fri, Dec 28, 2012 at 01:07:11AM -0500, Michael Orlitzky wrote
> On 12/27/2012 10:59 PM, Walter Dnes wrote:
> > 
> >   Here's my revised "Paranoia Plus" ruleset.  Any comments?  Because I'm
> > behind a NAT-ing ADSL router/modem, many of my rules rarely see hits.
> > However, I do have a backup dialup connection in case of problems, so
> > most of my rules don't specify the network interface.  A couple of
> > notes...
> > 
> 
> I did a bunch of inline comments below as I was trying to understand the
> rules. At the end I give the tl;dr, but maybe the inline comments are
> useful too.

  Thanks.  My ruleset has accumulated years of cruft.  I should really
sit down and rewrite the thing from square 1.  I have one comment.  You
show what appears to be a bash script for setting up the rules.  I work
with the contents of file /var/lib/iptables/rules-save instead.  

-- 
Walter Dnes <waltd...@waltdnes.org>
I don't run "desktop environments"; I run useful applications
