If ip_forward is never enabled until shorewall has started, then no packets will ever pass through the system. You're then left with just local stuff on the firewall itself, which shouldn't really be an issue (since you shouldn't be running anything at that point).
This should be the default behaviour, so I'd be looking into why that didn't happen. ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
