From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
by nuthatch.gentoo.org with esmtp (Exim 4.62)
(envelope-from <gentoo-user+bounces-60525-garchives=archives.gentoo.org@gentoo.org>)
id 1HLSHD-0003eM-Hq
for garchives@archives.gentoo.org; Sun, 25 Feb 2007 22:55:32 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l1PMsFbm019028;
Sun, 25 Feb 2007 22:54:15 GMT
Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.184])
by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l1PMm0PW011671
for <gentoo-user@lists.gentoo.org>; Sun, 25 Feb 2007 22:48:00 GMT
Received: by nf-out-0910.google.com with SMTP id c31so2772621nfb
for <gentoo-user@lists.gentoo.org>; Sun, 25 Feb 2007 14:48:00 -0800 (PST)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;
d=gmail.com; s=beta;
h=domainkey-signature:received:received:from:reply-to:to:subject:date:user-agent:references:in-reply-to:mime-version:content-type:content-transfer-encoding:message-id;
b=khk4unqmmW4rbfe7WGWCsnUMZCeQSunoaO4EMA+hhoXqlRRPqBv9uGqATNrUPRK+nI9NGDkXMDmac/cf92yQXDlbMDI0rBxd00airp0wO2f8eXhSPbplxDtHZ1HlwjmWz7DTRTBTphJK2dXYtYXoO6GT549xXYHLwyAgBpAWebk=
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=gmail.com; s=beta;
h=received:from:reply-to:to:subject:date:user-agent:references:in-reply-to:mime-version:content-type:content-transfer-encoding:message-id;
b=ezfqQo7h+HyeOydpyFhGU63BjUyyHUU0vel+NE/6g6kTNKP7T4Z6kgZpqTGGnp40lqaBeRstmCN+cEatr5kqCsBerjpASb9c9+5++3K9ffCjJfaoURY0hvi60RG/Ykgms+zF5BRNK1FUY1o4GovKOtw3X5ATkd3oBw3Y82WZfJs=
Received: by 10.48.217.20 with SMTP id p20mr11363046nfg.1172443680400;
Sun, 25 Feb 2007 14:48:00 -0800 (PST)
Received: from lappy.study ( [213.162.120.196])
by mx.google.com with ESMTP id c22sm11123480ika.2007.02.25.14.47.59;
Sun, 25 Feb 2007 14:48:00 -0800 (PST)
From: Mick <michaelkintzios@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] What if the firewall doesn't start?
Date: Sun, 25 Feb 2007 22:47:41 +0000
User-Agent: KMail/1.9.5
References: <49bf44f10702251158n2ab9c587y9563d6ad4fa3a4b3@mail.gmail.com>
In-Reply-To: <49bf44f10702251158n2ab9c587y9563d6ad4fa3a4b3@mail.gmail.com>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: multipart/signed;
boundary="nextPart5783178.7Qj7aFtEic";
protocol="application/pgp-signature";
micalg=pgp-sha1
Content-Transfer-Encoding: 7bit
Message-Id: <200702252247.43130.michaelkintzios@gmail.com>
X-Archives-Salt: 64be91f3-0bb9-43ef-ac53-7232a58c8483
X-Archives-Hash: 69e04b223d4be5cb4059bf95b15b0898
--nextPart5783178.7Qj7aFtEic
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Sunday 25 February 2007 19:58, Grant wrote:
> It occurred to me that if the shorewall firewall on my headless router
> doesn't start for whatever reason, I'll be totally exposed. Is there
> a way to protect against that?
Well, you'll get an error during boot that iptables did not come up. I ass=
ume=20
that shorewall is only run when you change the script and=20
otherwise /etc/init.d/iptables is run as a default service after boot. =20
Anyway, a closed port remains closed whether a firewall is running, or not.=
=20
An open port is hopefully protected by decently strong passwds/authenticati=
on=20
mechanisms.
=2D-=20
Regards,
Mick
--nextPart5783178.7Qj7aFtEic
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQBF4hIP5Fp0QerLYPcRAqv9AJoDiDHYMDpi+hB41ge55/zYfALFuACfWf7N
K4vLrzAmtaiRbWHQ59YaZjM=
=vzYb
-----END PGP SIGNATURE-----
--nextPart5783178.7Qj7aFtEic--
--
gentoo-user@gentoo.org mailing list