[prev in list] [next in list] [prev in thread] [next in thread] 

List:       lids-user
Subject:    Re: [lids] lids vs. iptables
From:       steve <steve () clublinux ! org>
Date:       2001-02-23 22:52:28
[Download RAW message or body]


If I understand correctly, it sounds like a bug.  When LIDS_GLOBAL is
turned off, there should be no protection from LIDS whatsoever.  You
should have a vanilla linux box with it turned off.

Steve

Markus Ulrich wrote:
> 
> Hi,
> 
> I had installed the lids kernel patch version 1.0.5. It was my first
> installation of lids, so I have a question about it :
> 
> When I use iptables (version 1.2) to set up packet filtering, I'm not
> able to use iptables after sealing the kernel even when I disable lids
> globally. Iptables display that the filter table can't initilize because
> permission deny (I must be root). The CAP_NET_ADMIN and CAP_NET_RAW
> option (or only one of them) is disabled (-). When I turn both of these
> options back to enable (+) and reload the config file, I'm allowed to
> use iptables.
> Is it a bug or a feature ?
> 
> I would be happy for every answer.
> 
>         Markus
> 
> 
> 
> 
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/

------------------------ Yahoo! Groups Sponsor ---------------------~-~>
eGroups is now Yahoo! Groups
Click here for more details
http://us.click.yahoo.com/kWP7PD/pYNCAA/4ihDAA/0qAVlB/TM
---------------------------------------------------------------------_->

 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 

[prev in list] [next in list] [prev in thread] [next in thread]