On Sun, 2020-08-23 at 14:26 -0400, Gene Heskett wrote: > Greetings all; > > Since the big conversion of file structs vs who owns what, which > apparently includes running rc.local as the logged in user and not > as > root, that has hidden the iptables stuff from everybody but root > since > its not now in the users $PATH. > > So what is the best way to assure this stuff gets started during a > reboot
On my Debian box acting as a router, currently running Buster but been running for about 10 years of Debian upgrades, I start my firewall by this line in /etc/network/interfaces pre-up /root/firewall.sh Where firewall.sh is a shell script of iptables rules (that also stops and restarts fail2ban amongst other housekeeping tasks). I have that pre-up command in the section for my ADSL line, the full list of commands is auto dsl-provider iface dsl-provider inet ppp pre-up /sbin/ifconfig eth0 up # line maintained by pppoeconf pre-up /root/firewall.sh provider dsl-provider My thinking was that before bringing up my ADSL connection to the internet I need to make sure that eth0 is up because that connects to my modem, then install my firewall. My server is using sysvinit not systemd. -- Tixy