X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=debian%2Fdefault;fp=debian%2Fdefault;h=0000000000000000000000000000000000000000;hb=95ce5edc2b2f045ea41812286f373659942c6b0d;hp=6c5f32352a5fc79badfe5282bf402315dab5801e;hpb=f6d754fbdb6c95f9ce7c2d2f4166972d70467cb7;p=iptables-cn.git diff --git a/debian/default b/debian/default deleted file mode 100644 index 6c5f323..0000000 --- a/debian/default +++ /dev/null @@ -1,74 +0,0 @@ -# /etc/init.d/iptables-cn defaults file - -# INTRODUCTION: First thing first, I must warn you. The iptables -# init.d setup and iptables tools themselves are VERY much capable -# of locking you out of network services. This includes remote and -# local network services, even localhost. You can even block local -# console logins if authentication is network based. And please do -# not be lulled into a false sense of security because you simply -# installed the iptables package. It really does not provide a -# firewall or any system security. -# -# Now for a short question and answer session: -# -# Q: You concocted this init.d setup, but you do not like it? -# A: I was pretty much hounded into providing it. I do not like it. -# Don't use it. Use /etc/network/interfaces, use /etc/network/*.d/ -# scripts use /etc/ppp/ip-*.d/ script. Create your own custom -# init.d script -- no need to even name it iptables. Use ferm, -# ipmasq, ipmenu, guarddog, firestarter, or one of the many other -# firewall configuration tools available. Do not use the init.d -# script. -# -# Q: What is this iptables init.d setup all about? -# A: The iptables init.d setup saves and restores whole iptables's -# table rulesets. That's basically it. It doesn't create any -# iptables rules nor provide for running any iptables rules. -# That also implies no support at all for dynamic rules. -# -# Q: How do I get started? -# A: (Did I mention "do not use it" already? Oh well.) -# 1. Setup your normal iptables rules -- firewalling, port forwarding -# NAT, etc. When everything is configured the way you like, run: -# -# /etc/init.d/iptables-cn save active -# -# 2. Setup your your inactive firewall rules -- this can be something -# like clear all rules and set all policy defaults to accept (which -# can be done with /etc/init.d/iptables-cn clear). When that is ready, -# save the inactive ruleset: -# -# /etc/init.d/iptables-cn save inactive -# -# 3. Controlling the script itself is done through runlevels configured -# with debconf for package installation. Run "dpkg-reconfigure iptables" -# to enable or disable after installation. -# -# Q: Is that all? -# A: Mostly. You can save additional rulesets and restore them by name. As -# an example: -# -# /etc/init.d/iptables-cn save midnight -# /etc/init.d/iptables-cn load midnight -# -# -# Autosave only works with start followed by stop. -# -# Also, take great care with the halt option. It's almost as good as -# pulling the network cable, except it disrupts localhost too. - -# deprecated default values: -# enable_iptables_initd - use the debconf setup -# preload_default - probably not necessary for iptables-restore -# and user modified init.d scripts cannot trusted anyway - -# set iptables_command to "iptables" (default) or "ip6tables" -iptables_command=iptables - -# set enable_autosave to "true" to autosave the active ruleset -# when going from start to stop -enable_autosave=false - -# set enable_save_counters to "true" to save table counters with -# rulesets -enable_save_counters=true