-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Buchan Milne wrote: | Jan Ciger wrote: | | And fixing it is trivial if you know how, just modify the policy file. | IMHO, the default policy should be as near to that the user would want | as possible, thus: | | wan all DROP | fw masq DENY | fw wan ACCEPT | masq fw ACCEPT info | masq wan ACCEPT | all all REJECT |
Yep. I couldn't say it better. My point about msec was, that perhaps this default policy should be dependent on msec level - standard level like this and on highest everything locked up.
Jan - --
Jan Ciger VRlab EPFL Switzerland GPG public key : http://www.keyserver.net/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/WM3xn11XseNj94gRAma/AKCljkhQn3C7NG1dILxOa1VQUTbw6QCgnavH Q9s37pP9Go03LpIqktlwnnw= =5Gp7 -----END PGP SIGNATURE-----
