[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] ipchains adding to rc.local
- Subject: Re: [cobalt-security] ipchains adding to rc.local
- From: "Nico Meijer" <nico.meijer@xxxxxxxxx>
- Date: Wed, 25 Jul 2001 22:29:44 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Robbert,
> Then IN the file servercommands I add the following lines:
>
> /sbin/ipchains -I input -s 203.232.240.215 -j DENY -l
> /sbin/ipchains -I input -s 63.25.226.171 -j DENY -l
>
> and so on.....
>
> Am I correct doing it this way ?
Technically, yes. I wouldn't advice you on doing that, personally.
IMHO, it's better to create a *complete* firewall script as (for instance)
/etc/rc.d/rc.firewall and call that from rc.local.
There has been a lot of discussion on ipchains recently, so if you've got
the time: read up. Check the firewall and ipchains howto's aswell.
Any questions: ask. A lot of people on this list seem to have their way with
ipchains, so there's lots to learn. You're getting to the good stuff now.
;-)
Take care... Nico