Mon Sep 1 23:33:56 CEST 2003
----- Original Message -----
From: "Anders Fugmann" <afu at fugmann.dhs.org>
To: "Tim" <tim.ronning at start.no>
Cc: <fiaif at fiaif.net>
Sent: Monday, September 01, 2003 6:07 PM
Subject: Re: ip_forward=0
> > So my question is, how do I invoke the contents of /etc/sysctl.conf . Is
there more bit's and pieces of apps/commands out there that I need to
install into my Core Linux system? Or can I invoke ip_forward=1 from another
place? I like to have things scaled down so besides Core right now I have
the following installed:
> The program 'sysctl' (from the program collection procps) reads
> /etc/sysctl.conf and sets variables in /proc/sys accordingly to the
> settings in this file. The program is standard in all the dirstributions
> I have seen. Either install the program to have the /proc setup
> automaticly upon boot or set SET_PROC_ERRORS=1 (and maybe
> SET_PROC_WARNINGS=1) in /etc/fiaif/fiaif.conf in order to let FIAIF
> handle the settings when started.
Thanks for the knowhow. It all works better than smooth now :-)
> On a final note. Please do upgrade to linux version >= 2.4.21 and
> iptables >= 1.2.8 as quite a few bug in the netfilter kernel/userspace
> has been fixed (including some security issues).
My mistake i have iptables 1.2.8 Just downloaded kernel 2.4.21, so i will
build a new kernel when everything else is sorted.
> Also, are you by any chance planning on making a bootable (running) CD
> image with this setup? I think it would be perfect to have a diskless
> Firewall using FIAIF.
First I need to get this combination Core/my addons/Fiaif in production
state. Things seems to work fine now but I have a lot of tidying-up to do.
Some script automation, logging and maybe some other functionality like
snort etc. Maybe it would be a good idea to build a working cd of the final
setup, hmmmmm.....(my mind seems to be in second stage already!)
Anyway, thanks for the help. And if I forgot to say it, I love Fiaif for its
flexibility/scalability and intuitive layout.
More information about the fiaif