Carsten P. Gehrke
Carsten at rollinghorse.com
Thu Feb 12 23:56:09 PST 2004
ken_i_m at elegantinnovations.net wrote:
I have noticed that the network is initialized and working before the
firewall. A gap. One I have never measured but always assumed (at least
while I did not have time to do anything about it in any case) to be small
enough that it was an OK tradeoff.
I changed the order long ago, when I set up my first LFS box. I run the
firewall script first, then start networking, and stop networking before I
tear down the firewall. The gap was my concern, and I didn't see any
reason why networking had to be up before the iptables were
set. Everything seems to work alright. I've been wondering if I should
add some sort of flag that indicates the firewall is built as intended, and
have the network script test it before it activates the interfaces.
BTW, what's the proper way to reply to a message in the digest?
Carsten Gehrke LFS No.: 190 using Linux since kernel 0.98
carsten at gehrke.org http://tech.rollinghorse.com/
More information about the hlfs-dev