Ini di excerp dari man page-nya ipchains, bagian Making Rules Permanent: Your current firewall setup is stored in the kernel, and thus will be lost on reboot. I recommend using the `ipchains-save' and `ipchains-restore' scripts to make your rules permanent. To do this, set up your rules, then run (as root): # ipchains-save > /etc/ipchains.rules #
Create a script like the following: #! /bin/sh # Script to control packet filtering. # If no rules, do nothing. [ -f /etc/ipchains.rules ] || exit 0 case "$1" in start) echo -n "Turning on packet filtering:" /sbin/ipchains-restore < /etc/ipchains.rules || exit 1 echo 1 > /proc/sys/net/ipv4/ip_forward echo "." ;; stop) echo -n "Turning off packet filtering:" echo 0 > /proc/sys/net/ipv4/ip_forward /sbin/ipchains -F /sbin/ipchains -X /sbin/ipchains -P input ACCEPT /sbin/ipchains -P output ACCEPT /sbin/ipchains -P forward ACCEPT echo "." ;; *) echo "Usage: /etc/init.d/packetfilter {start|stop}" exit 1 ;; esac exit 0 Make sure this is run early in the bootup procedure. In my case (Debian 2.1), I make a symbolic link called `S39packetfilter' in the `/etc/rcS.d' directory (this will be run before S40network). ----- Original Message ----- From: "Tajid Yakub" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, July 03, 2002 3:03 PM Subject: Re: [admin] seting fire wall > > kalo untuk permanen dan nanti bisa diedit lagi maka letakkan script itu > > di rc.local > > kalo ngga salah di /etc/rc.d/rc.local > kalo gak salah ya bener, > contoh skript ada di http://www.linuxdoc.com/howto/IP-MASQ/x548.htm > simpen sebagai misalnya /etc/rc.d/rc.firewall ini yang dipanggil pas > booting.. -- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3