[EMAIL PROTECTED] writes: > Hello, > > Concerning the default config of shorewall, I suggest that the default > rule for wan->all is set to DROP rather than REJECT. I think it's better > in term of security (ref. Linux firewalls by R.L. Ziegler).
I know that ... this could be done indeed ... The standard sonfiguration is not the most secure one ... nut one has the possibility to restrict even more the firewall policies, rules. > In the same spirit, for boxes connected by ADSL or dial-up (and perhaps ISDN but I >don't know), I suggest that the interface defined for wan is set up to ppp+. By >experience, I've started by using eth1 (where is connected by ADSL modem) and spent >some time to find why my connection was not working. it's in the online docs though ... but this could be also feasable. thx for your thoughts, have a nice day, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
