Re: Packaging ufw

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Packaging ufw

From:	Jeremiah
Subject:	Re: Packaging ufw
Date:	Sun, 11 Nov 2018 01:30:01 +0000

> I like this firewall, has anybody started packaging it?
No, possibly because it doesn't add much when one has iptables and a
guix configuration script for it.

> We have no other firewall packages judging from my emacs-guix regex
> search.
We have iptables and ebtables
and I suggest you consider the following iptables/ip6tables rules:
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

You could easily lock it down further but one piece of software needed
on servers missing on guix is port knocking software.

-Jeremiah

[Prev in Thread]

Current Thread

[Next in Thread]

Packaging ufw, swedebugia, 2018/11/10
- Re: Packaging ufw, swedebugia, 2018/11/10
  - Re: Packaging ufw, Brett Gilio, 2018/11/10
    - Re: Packaging ufw, swedebugia, 2018/11/10
    - Re: Packaging ufw, Danny Milosavljevic, 2018/11/10
  - Re: Packaging ufw, Pierre Neidhardt, 2018/11/10
- Re: Packaging ufw, Jeremiah <=

Prev by Date: GNOME & Tracker-Sparql
Next by Date: Weird lint warning
Previous by thread: Re: Packaging ufw
Next by thread: [PATCH]:gnu:add ne:the nice editor
Index(es):
- Date
- Thread