On Thu, Sep 02, 2004 at 12:37:15PM -0700, Kenneth Porter wrote:
--On Tuesday, August 31, 2004 11:06 PM -0700 Nifty Hat Mitch
It makes sense to me that /etc/init.d/iptables should have some awareness of applications that depend or are impacted on it and ntpd seems to be just such a case. The list could be long expect the keepers of iptables to not want to open the door to a flood.
This looks like a layer problem to me. iptables is really a low-level tool for implementing firewalls, yet it's treated like high-level service by the initscripts. There are also a lot of high-level firewall systems like shorewall and fwbuilder that replace the low-level service provided by the
Exactly so, this is a layer problem.
Some thought and discussion is needed to get this right.