Linux Today: Linux News On Internet Time.

SysAdmin: Halted Firewalls (Running Linux Firewalls at Run Level 0)

Feb 08, 2002, 14:03
By Mike Murray
"As systems administrators, it's often funny how new and interesting information ends up in our hands. Sometimes, it's through an intentional course of study; other times, it seems to arrive by accident. That's exactly how the concept of using a halted Linux computer as a firewall occurred to me. I was at work, perusing an internal corporate mailing list and saw a message about something that was once present in Linux. The message referred to a method for shutting down a Linux box while ipchains is still running, and having the box continue to perform firewall tasks. My first response was to stifle a laugh — a firewall that works while in a halted state? I contacted the author (with a bit too much sarcasm in my letter), and was sent a link to an old discussion thread on the Firewalls list about a rumored feature in the 2.0.x kernels. This feature allowed you to run shutdown -h (halt) on the machine, and the firewall would remain active but with no drives mounted and no processes running. That is, the firewall would be in run level 0, but still be filtering packets. However, the list mentioned that this no longer worked in the 2.2.x series kernels.

I knew that I couldn't leave it alone, however. I set out to make a 2.2.x box perform a similar function, and I hoped that I would be able to do it without having to patch the kernel in any way. It turns out that I can."
