[Gllug] Firewall which works even when the machine is shut down
John Hearns
john.hearns at framestore-cfc.com
Thu Jan 10 17:51:22 UTC 2002

Sysadmin mag has an article on Linux firewalling,
which illustrates how an iptables firewall can still
run when the machine is shut down.

When you go to runlevel 0, the kernel is still left
there in memory, and will respond to interrupts.
So if you take out the script which kills IPchains then
the box will continue to filter packets, even though
you can't log into it. Weird.

Sorry - the article doesn't seem to be online.
The article is based on a RedHat system, running
a 2.2 kernel.

The recipe is to remove
/etc/rc.d/rc0.d/S00killall
/etc/rc.d/rc0.d/K90network
/etc/rc.d/rc0.d/K92ipchains
if anyone wants to play with this.
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
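
Added example, not part of the original post: a read-only shell check that reports whether the three runlevel-0 entries named in the message are still in place on a SysV-init box, so an admin can tell whether halt will tear down networking and packet filtering as usual. The function names and the directory argument are assumptions made for this example; the paths are the ones from the post.

```shell
#!/bin/sh
# Added example (not from the original post or the cited article).
# Read-only audit: nothing is created, removed or changed.

# The three runlevel-0 script names listed in the post.
HALT_SCRIPTS="S00killall K90network K92ipchains"

# audit_rc0 [DIR]
# Print "present <name>" or "missing <name>" for each script.
# DIR defaults to the path from the post; the override argument is an
# assumption of this example so the check can run against a copy.
audit_rc0() {
    dir=${1:-/etc/rc.d/rc0.d}
    for name in $HALT_SCRIPTS; do
        # rc0.d entries are normally symlinks into init.d; -L also
        # catches a link whose target has gone away.
        if [ -e "$dir/$name" ] || [ -L "$dir/$name" ]; then
            echo "present $name"
        else
            echo "missing $name"
        fi
    done
}

# rc0_teardown_intact [DIR]
# Exit status 0 when all three entries exist (halt runs the usual
# teardown), 1 when at least one is missing (the condition the post
# describes, where filtering can continue after halt).
rc0_teardown_intact() {
    ! audit_rc0 "$1" | grep -q '^missing '
}
```

Call `audit_rc0` with no argument to check the directory named in the post, or pass a different directory to check a backup or image mount.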