Package: pyroman Version: 0.3-2 Severity: wishlist in 04_conntrack.py, I suggest adding filters for invalid states:
iptables("INPUT", "-m state --state INVALID -j %s" % Firewall.drop)
iptables("OUTPUT", "-m state --state INVALID -j %s" % Firewall.drop)
iptables("FORWARD","-m state --state INVALID -j %s" % Firewall.drop)
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/dash
Kernel: Linux 2.6.16-2-xen-amd64-k8
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Versions of packages pyroman depends on:
ii iptables 1.3.3-2 Linux kernel 2.4+ iptables adminis
ii python 2.3.5-11 An interactive high-level object-o
pyroman recommends no packages.
-- no debconf information
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft <[EMAIL PROTECTED]>
: :' : proud Debian developer and author: http://debiansystem.info
`. `'`
`- Debian - when you have better things to do than fixing a system
signature.asc
Description: Digital signature (GPG/PGP)
