[ale] My firewall

Joseph A Knapka jknapka at earthlink.net
Sat Nov 3 10:40:19 EST 2001


Ken Nagorski wrote:
> 
> I would like to point out that at some point my firewall remounted / as
> a ro filesystem. I think the disk is hosed, point being it is still
> working. I can ssh to it however I cannot ftp and some of the commands
> give me IO errors. I noticed this like almost two weeks ago
> and guess what it is still running and passing packets. How cool?
> 
> Actually I have a question. Is this cause the stuff I need is loaded into
> memory?

Yes. Unless things have changed recently, it's actually possible
to halt the system after the firewall and route tables are
configured, and it will happily pass packets that way: IP
forwarding will work fine even if there are no processes running
on the system, since it's all interrupt-driven. (This was certainly
true with kernel 2.2 and ipchains.) Hard to hack a firewall that's
not running any userspace code whatsoever :-)

Cheers,

-- Joe
# "You know how many remote castles there are along the
#  gorges? You can't MOVE for remote castles!" - Lu Tze re. Uberwald
# (Obsolete) Linux MM docs:
http://home.earthlink.net/~jknapka/linux-mm/vmoutline.html
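
The point made in the reply above (forwarding is kernel state, while the reachable attack surface is whatever userspace is listening) can be checked on a Linux box with the added example below, which is not part of the original message. It assumes the standard `/proc/sys/net/ipv4/ip_forward` and `/proc/net/tcp` interfaces, covers IPv4 TCP only, and uses constructed sample data when those files are unavailable.

```python
import socket
import struct

TCP_LISTEN = 0x0A  # "st" column value for a listening socket

# Constructed sample of /proc/net/tcp (not from the post): one listener on
# 0.0.0.0:22 and one established session to it.
SAMPLE_PROC_NET_TCP = (
    "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
    "   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1234\n"
    "   1: 0A00000A:0016 0B00000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 1240\n"
)
HEADER_ONLY = SAMPLE_PROC_NET_TCP.splitlines()[0] + "\n"


def parse_listeners(proc_net_tcp):
    """Return sorted (ip, port) pairs for IPv4 TCP sockets in LISTEN state."""
    listeners = []
    for line in proc_net_tcp.splitlines()[1:]:  # first line is the header
        fields = line.split()
        if len(fields) < 4 or int(fields[3], 16) != TCP_LISTEN:
            continue
        addr_hex, port_hex = fields[1].split(":")
        # Assumption: little-endian host, so 0100007F decodes to 127.0.0.1.
        ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
        listeners.append((ip, int(port_hex, 16)))
    return sorted(listeners)


def assess(ip_forward, proc_net_tcp):
    """Combine the kernel forwarding flag with the userspace listener list."""
    return {
        "forwarding": ip_forward.strip() == "1",
        "listeners": parse_listeners(proc_net_tcp),
    }


def read_or(path, fallback):
    """Read a /proc file, falling back to constructed data when unavailable."""
    try:
        with open(path) as fh:
            return fh.read()
    except OSError:
        return fallback


if __name__ == "__main__":
    report = assess(read_or("/proc/sys/net/ipv4/ip_forward", "1\n"),
                    read_or("/proc/net/tcp", SAMPLE_PROC_NET_TCP))
    print("kernel forwarding enabled:", report["forwarding"])
    for ip, port in report["listeners"]:
        print("userspace TCP listener: %s:%d" % (ip, port))
```

A result with forwarding enabled and an empty listener list is the profile the reply describes: packets still pass, with no TCP service left to connect to.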
