Ed Greshko wrote:
I've not looked into the OPs problem... But I do wonder about what you've said that prompts me to ask...
I was actually wrong about the problem. His firewall set ip_forward to 1, but sysctl.conf set it to 0. During boot, the firewall service started first and enabled IP forwarding. The network service started later and reloaded sysctl.conf, turning IP forwarding off. When he restarted the firewall service, it would turn IP forwarding back on. The solution was to fix ip_forward in sysctl.conf.
If the system brings up the network interfaces, but no services that utilize the network, prior to bringing up the firewall what vulnerability is the system exposed to...and for how long?
If you use the "network" service, and start your firewall immediately after, you shouldn't have anything to worry about.
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
