OK I'll byte...

1. don't you need to declare the 'override vars' before the host
   declarations if they are to be used?
2. why not have 1 or 2 logging levels as variables (have you tested how
   much this script will end up logging on an @home connection?)...variables
   loglev1 & loglev2 and set them both to "-l" or "" as desired.
3. need other modprobes such as ip_raudio
4. flow & programming is elegant but tough for beginners to understand.
5. lastly, no instructions on how to execute - i.e. add to rc.local (I
   assume that's what you have in mind for startfw) or a more elegant script
   for /etc/rc.d/init.d which is added via chkconfig to levels 345.

Craig

----:----|----:----|----:----|----:----|----:----|----:----|
- Craig White - PO Box 8634 - Scottsdale, Arizona - 85252
- e-mail address ................ - CraigWhite@AzApple.com
- world wide web address ........ - http://www.AzApple.com
- e-mail my pager address ....... - 6023779752@airtouch.net
- cellular phone ................ - (602) 377-9752
- voice/facsimile ............... - (480) 945-8445
----:----|----:----|----:----|----:----|----:----|----:----|

> -----Original Message-----
> From: plug-discuss-admin@lists.plug.phoenix.az.us
> [mailto:plug-discuss-admin@lists.plug.phoenix.az.us]On Behalf Of
> der.hans
> Sent: Monday, April 17, 2000 7:42 PM
> To: quatsch
> Subject: fw rules critique?
>
>
> moin, moin,
>
> here's a set of rules that I think offer some decent defaults for a
> masq/fw box.
>
> I'd rather fix mistakes rather than leave in bugs, so please feel free to
> nicely point out the errors of my ways... :)
>
> I'd like to make this something I and others can pretty well just drop in
> place...
>
> danke,
>
> der.hans
> --
> # der.hans@LuftHans.com home.pages.de/~lufthans/ www.OpNIX.com
> # I'm not anti-social, I'm pro-individual. - der.hans
>