Ini di excerp dari man page-nya ipchains, bagian Making Rules Permanent:
Your current firewall setup is stored in the kernel, and thus will be lost
on reboot. I recommend using the `ipchains-save' and `ipchains-restore'
scripts to make your rules permanent. To do this, set up your rules, then
run (as root):
# ipchains-save > /etc/ipchains.rules
#
Create a script like the following:
#! /bin/sh
# Script to control packet filtering.
# If no rules, do nothing.
[ -f /etc/ipchains.rules ] || exit 0
case "$1" in
start)
echo -n "Turning on packet filtering:"
/sbin/ipchains-restore < /etc/ipchains.rules || exit 1
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "."
;;
stop)
echo -n "Turning off packet filtering:"
echo 0 > /proc/sys/net/ipv4/ip_forward
/sbin/ipchains -F
/sbin/ipchains -X
/sbin/ipchains -P input ACCEPT
/sbin/ipchains -P output ACCEPT
/sbin/ipchains -P forward ACCEPT
echo "."
;;
*)
echo "Usage: /etc/init.d/packetfilter {start|stop}"
exit 1
;;
esac
exit 0
Make sure this is run early in the bootup procedure. In my case (Debian
2.1), I make a symbolic link called `S39packetfilter' in the `/etc/rcS.d'
directory (this will be run before S40network).
----- Original Message -----
From: "Tajid Yakub" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, July 03, 2002 3:03 PM
Subject: Re: [admin] seting fire wall
> > kalo untuk permanen dan nanti bisa diedit lagi maka letakkan script itu
> > di rc.local
> > kalo ngga salah di /etc/rc.d/rc.local
> kalo gak salah ya bener,
> contoh skript ada di http://www.linuxdoc.com/howto/IP-MASQ/x548.htm
> simpen sebagai misalnya /etc/rc.d/rc.firewall ini yang dipanggil pas
> booting..
--
Utk berhenti langganan, kirim email ke [EMAIL PROTECTED]
Informasi arsip di http://www.linux.or.id/milis.php3
