On Thu, Sep 02, 2004 at 12:37:15PM -0700, Kenneth Porter wrote: > --On Tuesday, August 31, 2004 11:06 PM -0700 Nifty Hat Mitch > > >It makes sense to me that /etc/init.d/iptables should have some > >awareness of applications that depend or are impacted on it and ntpd > >seems to be just such a case. The list could be long expect the keepers > >of iptables to not want to open the door to a flood. > > This looks like a layer problem to me. iptables is really a > low-level tool for implementing firewalls, yet it's treated like > high-level service by the initscripts. There are also a lot of > high-level firewall systems like shorewall and fwbuilder that > replace the low-level service provided by the Exactly so, this is a layer problem. Some thought and discussion is needed to get this right. -- T o m M i t c h e l l Just say no to 74LS73 in 2004
