[Tfug] rp_filter
ewf
erich at dakotacom.net
Fri Jul 30 20:53:40 MST 2004
Well,
The problem is moot because, on careful inspection of the
boot logs, rp_filter is
already installed. I'm currently testing a modification to ipchains to
stop unauthorized
connections and it's working fine.
Erich
Matthew T. Eskes wrote:
>Then why not just add that script to init with update-rc.d and be happy?
>
> Good luck,
> Matt
>
>
>On Fri, 2004-07-30 at 19:00, ewf wrote:
>
>
>> I have Woody 3.0 in this machine and I want to make it more
>>secure. I want
>>to add on startup:
>>
>> #! /bin/sh
>> echo -n "enabling source address varification ..."
>> echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter
>> echo "done"
>>
>> This has to be done before any network devices are enabled. I
>>think I can add
>>this to:
>>
>> /etc/init.d/bootmisc.sh
>>
>>But I'm not so sure. For openers bootmisc.sh doesn't look like it's
>>written in
>>the same script language as /bin/sh, and then it looks like network
>>devices are
>>enabled before we execute this script. Is there a better place to add
>>this code?
>>
>>
>>
>> Cheers,
>>
>> Erich
>>
>>
>>_______________________________________________
>>tfug mailing list
>>tfug at tfug.org
>>https://www.tfug.org/mailman/listinfo/tfug
>>
>>
>
>_______________________________________________
>tfug mailing list
>tfug at tfug.org
>https://www.tfug.org/mailman/listinfo/tfug
>
>
>
More information about the tfug
mailing list