[Shorewall-users] some "feature questions"

Goetz Reinicke goetz.reinicke@filmakademie.de
Sat, 27 Apr 2002 18:45:10 +0100


Hi,

I recently got a book about linux firewalls (for ipchains), and in the 
examples they activate/dissable some funktions in /proc/sys/net/ipv4.

E.g. reject ICMP-Redirects, protection against bogus IPs, activate 
TCP-SYN-Cookies, reject source routed packets. Furthermore they reject 
fragmented packets.

Are there any comparable mechanisms in shorewall? Or do I have to 
activate those protections by hand / systemstart?

Thanks.

cu...
...Götz Reinicke

- Götz Reinicke -------------------- mailto: greinick@filmakademie.de -
   IT Koordinator                                   Tel: 07141/969-420
   IT-OfficeNet Filmakademie Baden-Württemberg    Fax: 07141/969-55420
- Mathildenstr. 20, 71638 Ludwigsburg ----------- www.filmakademie.de -