Hi, I want to set up a firewall to protect my home network. I'm a little paranoid about a warning I read in the Securing Debian howto. It says that misusing iptables "[o]ne can even manage to lock himself out of the computer who's keyboard is under his fingers." Can anyone tell me what iptables rule set could lead to being locked out at the console? Does console access go through the "lo" interface?
>From rfc3330, I got a list of network addresses that shouldn't routed on the public network, and thus should be ignored if appearing as the source address on a packet coming in on the public side of the firewall. So far I have, in addition to the obvious localnet, and the three blocks reserverd for private networks 240/4, 169.254/16, 192.0.2/24, and 198.18/15. However, that same rfc also mentions 0.0.0.0/8 as referring to "this" network, and 0.0.0.0/32 as referring to "this" host on "this" network. I don't get this. In routing tables, does 0.0.0.0 mean "anywhere" or some such. Should I be allowing packets with a source ip of 0.0.0.0 or dropping them? Thanks, Gerald -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
