Please review and merge feature/firewall_lockdown, currently merged into experimental. This time it should merge cleanly into devel.
This branch modified the firewall to use a white-list/principle of least privelege approach for local services, so only users that reasonably need access to e.g. Tor's SOCKS port have it. It also adds logging (visiable in dmesg) for rejected packets, disables some unwanted services that bloat that log (e.g. Pidgin's UPnP support), and makes some local services IPv6 only to avoid duplication of white-list rules. Cheers!
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
