begin quoting DJA as of Tue, Aug 08, 2006 at 12:37:14AM -0700:
> [EMAIL PROTECTED] wrote:
> >>Can't you bring the external interface down, flush your rules, reload
> >>your rules, and bring your external interface back up?
> >
> >That is a *great* idea. I can take NIC down while I redo firewall!
> >
> >I'll have to research how to minimize time between reactivating
> >NIC and reactivating iptables. That would be useful to know in general
> >because this vulnerability happens on ALL PCs when they reboot!
>
> Pardon my ignorance, but won't the cable come out of the NIC? Is there a
> reason the NIC _has_ to be connected when you cycle the firewall/box?
> The one reason I can think of is if you don't have physical access to
> the box.

    ifconfig eth0 down
    iptables -F
    load_ip_tables
    ifconfig eth0 up

I don't understand where the cable comes in. Are we talking about
different things?
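
The sequence discussed in this thread, written out as an added example (not code from any poster): it sets default-deny policies before flushing, loads the rules with iptables-restore, and leaves the interface down if the load fails. The interface name, the rules file path (assumed to be in iptables-save format) and the DRY_RUN switch are assumptions of the example.

```sh
#!/bin/sh
# Added example. Assumed values: IFACE, RULES (iptables-save format), DRY_RUN.
IFACE="${IFACE:-eth0}"
RULES="${RULES:-/etc/iptables.rules}"
DRY_RUN="${DRY_RUN:-1}"     # 1 = only print the commands, 0 = execute them

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Load the saved rule set; iptables-restore reads it from stdin.
load_rules() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "iptables-restore < $RULES"
    else
        iptables-restore < "$RULES"
    fi
}

reload_firewall() {
    # Refuse to start if there is nothing to load afterwards.
    if [ ! -r "$RULES" ]; then
        echo "rules file $RULES not readable; nothing changed" >&2
        return 1
    fi
    run ifconfig "$IFACE" down || return 1
    # -F does not touch chain policies, so set default-deny first:
    # a flushed chain with policy ACCEPT passes everything.
    run iptables -P INPUT DROP || return 1
    run iptables -P FORWARD DROP || return 1
    run iptables -F || return 1
    if ! load_rules; then
        echo "rule load failed; leaving $IFACE down" >&2
        return 1
    fi
    run ifconfig "$IFACE" up
}

# Run as: DRY_RUN=0 sh thisfile reload
if [ "${1:-}" = "reload" ]; then
    reload_firewall
fi
```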
