dagmar.wants at nospam.com
Thu Apr 15 15:24:56 PDT 2004
On Tue, 2004-04-13 at 02:49, Nathan Coulson wrote:
> What kind of changes were you making to the bootscripts anyway? Would be
> nice if we can keep the 2 tree's close together.
Mainly, just adding sections similar to the following...
if [ -z "$MONOLITHIC_FIREWALL" ]; then
for interface in $EXTRANET_IF; do
permit_outbound external domain
for interface in $INTRANET_IF; do
permit_inbound dmz domain
permit_inbound internal domain
Nothing particularly invasive, and definitely not complex enough to
require much more than a patch at this point.
Yes, "external", "internal", and "dmz" are special words, but can be
replaced by interface names (but why would you want to) If anyone can
thing up a decent and sane way of differentiating a dmz segment from an
intranet segment, I'd like to hear it (but I don't think there is one).
This would have been complete by now but I've spent the last two days in
bed with the flu. *sigh*
The email address above is phony because my penis is already large enough, kthx.
AIM: evilDagmar Jabber: evilDagmar at jabber.org
More information about the hlfs-dev