Andrew Ruthven skrev:
> Hi Chris,
>
> On Sun, 2007-08-12 at 21:33 +0100, Chris Boot wrote:
>>> I'm sorry, but the bad news is that currently
you'll have to write the
>>> ip6table rules by hand. The good news is that
you might be able to use
>>> the IPv4 rules as a base and just do some heavy
editting.
>>>
>> Thanks. Never mind, I guess it is the manual method
then. Is there a
>> Debian-recommended way of applying manual ip6tables
rules? I was
>> thinking of running an ip6tables-restore in post-up
in
>> /etc/network/interfaces, would that be a sensible
option?
>
> I'm not sure of a Debian recommended way, but a post-up
line or a file
> in /etc/network/if-up.d which only runs for the
interface you want would
> work okay.
Hi,
Shouldn't that be pre-up instead?
Otherwise a reboot of the firewall would leave it vulnerable
for some
split seconds.
/Mikael Frykholm
--
To UNSUBSCRIBE, email to debian-ipv6-REQUEST lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmasterlists.debian.org
|
