Iptables initialization

Carsten P. Gehrke
Thu Feb 12 23:56:09 PST 2004

ken_i_m at elegantinnovations.net wrote:

> I have noticed that the network is initialized and working before the
> firewall.  A gap.  One I have never measured but always assumed (at least
> while I did not have time to do anything about it in any case) to be small
> enough that it was an OK tradeoff.


I changed the order long ago, when I set up my first LFS box.  I run the 
firewall script first, then start networking, and stop networking before I 
tear down the firewall.  The gap was my concern, and I didn't see any 
reason why networking had to be up before the iptables were 
set.  Everything seems to work alright.  I've been wondering if I should 
add some sort of flag that indicates the firewall is built as intended, and 
have the network script test it before it activates the interfaces.

BTW, what's the proper way to reply to a message in the digest?
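
The flag idea raised in the message above, sketched as an added example that is not part of the original post or of the LFS boot scripts. The flag directory, the rules file path and every function name are assumptions; the commands that load the rules and activate the interfaces are passed in as arguments.

```sh
#!/bin/sh
# Added example. FLAG_DIR, RULES_FILE and all function names are assumptions.
FLAG_DIR="${FLAG_DIR:-/run/firewall}"            # assumed tmpfs: flag is gone after a reboot
RULES_FILE="${RULES_FILE:-/etc/iptables.rules}"  # hypothetical saved ruleset

# Digest of the ruleset the firewall is supposed to be built from.
rules_digest() { [ -r "$RULES_FILE" ] && sha256sum < "$RULES_FILE"; }

# Firewall script: "$@" is the command that loads the rules.
firewall_start() {
    rm -f "$FLAG_DIR/ready"                  # drop any stale flag first
    "$@" || return 1                         # load failed: leave no flag
    mkdir -p "$FLAG_DIR" && chmod 700 "$FLAG_DIR" || return 1
    rules_digest > "$FLAG_DIR/ready.tmp" || return 1
    mv "$FLAG_DIR/ready.tmp" "$FLAG_DIR/ready"   # atomic publish
}

# Firewall teardown: remove the flag so the network script refuses to start.
firewall_stop() { rm -f "$FLAG_DIR/ready"; }

# True only if the flag exists and matches the current rules file.
firewall_ready() {
    [ -s "$FLAG_DIR/ready" ] || return 1
    [ "$(cat "$FLAG_DIR/ready")" = "$(rules_digest)" ]
}

# Network script: "$@" is the command that activates the interfaces.
network_start() {
    if ! firewall_ready; then
        echo "firewall flag missing or stale; interfaces stay down" >&2
        return 1
    fi
    "$@"
}
```

The flag records that the load command succeeded for this rules file; it does not inspect the live kernel tables.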

