In response to a post on BLFS support I looked at the pages in my current version of BLFS (svn-20050331) and I can't see where it says to install the iptables bootscript. Is it just me, or is this a bug in the book?
Yes. It is a bug that I will fix soon.
Whilst I'm here on iptables business, in the personal firewall script it sets the rule
iptables -A OUTPUT -j ACCEPT
which as the comment says, is the same as setting the output policy to ACCEPT, but in the same script it also explicitly sets
iptables -P OUTPUT DROP
which sets the output policy to DROP. Is that not a contradiction?
Not really. If the default is set to DROP, then the onlt thing to change is the rules. If you set to ACCEPT and then want to change the rules later, it would be easy to forget about the policy and the rules would then not do what you want.
-- Bruce
-- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
