[Shorewall-users] Okay, that's enough, I'm giving up!

G. Walsh gwalsh at dscdirectionalservices.com
Sun Jul 11 13:16:12 PDT 2004


Hmmmm ... I didn't think of that one, Karsten.  I moved it up one notch
when installing - from standard to high - which isn't a big jump but
enough to let me monitor changes in the sys files every morning.

Thanks for the input.

George


On Sun, 2004-07-11 at 12:39 +0200, Karsten Bräckelmann wrote:
> On Sat, 2004-07-10 at 18:56 -0700, Tom Eastep wrote:
> > G. Walsh wrote:
> > 
> > > First, I discovered that some great hand takes it upon himself to
> > > overwrite /etc/sysctl.conf, resetting the log_martians equate each time.
> > 
> > Each time what?
> > 
> > > But if shorewall is started, that overrides. So  .....  that problem is
> > > done away with.  Mandrake, Mandrake!!   Less 'magic', more 'meat'.
> 
> Just a shot in the darkness: What's the msec security level you choose
> for that server?
> 
> I don't know for sure, but that setting may affect the log_martians
> setting as well. Just to mention it as a possibility, since I don't have
> time right now to check anything further.
> 
> 
> A personal note: Mandrake is very happy with the RPMs provided by
> shorewall.net. Even less hassle than using the tarball (if at all). And
> don't use the Mandrake wizard at all for configuring shorewall, but you
> probably figured that out yourself already...
> 
> 
> > I am inclined to not run Mandrake as a firewall (although I like the 
> > folks at Mandrake, I am a MandrakeClub member and I buy licenses for 
> > their official releases). Mandrake's philosophy is to be on the cutting 
> > edge of Linux development which is fine for a desktop (which is where I 
> > run Drake) but not for a firewall or server. If you want to run a 
> > Mandrake Firewall, I recommend that you run MNF (which is also 
> > Shorewall-based).
> 
> As long as you don't let those wizards mess with your good, hand-crafted
> shorewall configuration, it should work fine. ;-)
> 
>  karsten
> 
> 
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users at lists.shorewall.net
> Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
 -- G. Walsh, Managing Director, DSC Directional Services Corp., Victoria, B.C., Canada



More information about the Shorewall-users mailing list