On Tuesday 08 August 2006 08:00 am, Stewart Stremler wrote:
> begin quoting DJA as of Tue, Aug 08, 2006 at 12:37:14AM -0700:
> > [EMAIL PROTECTED] wrote:
> > >>Can't you bring the external interface down, flush your rules, reload
> > >>your rules, and bring your external interface back up?
> > >
> > >That is a *great* idea. I can take NIC down while I redo firewall!
> > >
> > >I'll have to research how to minimize time between reactivating
> > >NIC and reactivating iptables. That would be useful to know in general
> > >because this vulnerability happens on ALL PCs when they reboot!
> >
> > Pardon my ignorance, but won't the cable come out of the NIC? Is there a
> > reason the NIC _has_ to be connected when you cycle the firewall/box?
> > The one reason I can think of is if you don't have physical access to
> > the box.
>
> ifconfig eth0 down
> iptables -F
> load_ip_tables
> ifconfig eth0 up
>
> I don't understand where the cable comes in. Are we talking about
> different things?

Chuckle, usually the cable comes into the NIC at the back of the computer.

BobLQ

--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
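
The down/flush/reload/up sequence quoted in this thread, written as a fail-closed shell function; this is an added example, not part of the original messages. `reload_firewall`, `RUNNER` and the `run_*` helpers are hypothetical names, and `iptables-restore` reading a saved rules file is an assumption standing in for the thread's `load_ip_tables` placeholder.

```shell
#!/bin/sh
# Added example: fail-closed firewall reload. reload_firewall, RUNNER and the
# run_* helpers are hypothetical names, not from the thread.

# RUNNER executes each privileged command. The default only prints it;
# set RUNNER=run_real (as root) to apply the changes.
RUNNER=${RUNNER:-run_dry}
run_dry()  { printf 'DRY: %s\n' "$*"; }
run_real() { "$@"; }

# reload_firewall IFACE RULES_FILE
# Returns 0 when IFACE is back up behind the new rules, 1 when it was
# left down because a step failed.
reload_firewall() {
    fw_iface=$1
    fw_rules=$2

    # 1. Interface down first, so nothing arrives while the ruleset is empty.
    #    (ip link is the current equivalent of the thread's ifconfig.)
    "$RUNNER" ip link set dev "$fw_iface" down || return 1

    # 2. Default-deny before flushing: even an empty ruleset now drops traffic.
    "$RUNNER" iptables -P INPUT DROP   || return 1
    "$RUNNER" iptables -P FORWARD DROP || return 1
    "$RUNNER" iptables -F              || return 1

    # 3. Load the saved ruleset (assumed to be in iptables-save format).
    #    A missing file or a rejected rule leaves the interface down.
    if ! "$RUNNER" iptables-restore < "$fw_rules"; then
        echo "rules failed to load; leaving $fw_iface down" >&2
        return 1
    fi

    # 4. Only now bring the interface back up.
    "$RUNNER" ip link set dev "$fw_iface" up
}

# Dry run (example path): reload_firewall eth0 /etc/iptables/rules.v4
```

Setting the DROP policies before the flush also covers the reboot case raised in the thread when the same ordering is used at boot: the interface only comes up after the rules are in place.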
