On Mon, 2 Jun 2014, James Harper <james@ejbdigital.com.au> wrote:

Be aware though that starting your firewall after your network comes up is probably not a wise thing to be doing.

Yes, after the network is up but before the daemons you want to protect would be ideal. Also if your system isn't configured to go to single user mode if the firewall script fails (AFAIK no-one does this) then a problem with the firewall script (such as an unexpected DNS problem in this instance) would break it. With the increasing use of https and cloud servers some types of firewalling are becoming less useful. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/