On Mon, May 13, 2002 at 07:53:51PM -0400, Robert wrote:
> Hello,
> Can someone tell me the correct init script that I can load my iptables
> script? I tried /etc/rc.d/rc.local, but I'm not sure that is the best
> location.
>
> Thanks,
> Robert
Optimally, it would be right after your NIC or network connection
comes up, but that may not always be the right time.
In my case, I have mine starting from rc.local, as I'm (shamefully)
still on dialup. So my rc.local looks something like so:

    #
    # Let's now set up the Filtering/Masquerading/Firewalling/Security
    # Chains. Chains are good.
    echo "Setting up Filtering Rules for kernel $KVERSION..."
    if [ -x /etc/rc.d/rc.ipchains ]; then
        . /etc/rc.d/rc.ipchains
    fi

where rc.ipchains is a script that:
1) echo 1 > /proc/sys/net/ipv4/ip_dynaddr
and
2) parses `uname -r`, cuts off the last number of the kernel's
revision, and runs a conditional on it. If it's 2.4 or higher, run the part of
the script with iptables/netfilter. If it's 2.3 or lower, run ipchains.
In my case though, I can run that at any time, as long as I'm not
dialed up. I prefer to do it during bootstrap, so I won't have to worry about
it when I do dial up.
BL.
--
Brad Littlejohn | Email: [EMAIL PROTECTED]
Unix Systems Administrator, | [EMAIL PROTECTED]
Web + NewsMaster, BOFH.. Smeghead! :) | http://www.wizard.com/~tyketto
PGP: 1024D/E319F0BF 6980 AAD6 7329 E9E6 D569 F620 C819 199A E319 F0BF
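
An added example, not part of the message above and not Brad's actual rc.ipchains: a sketch of the script he describes, which sets ip_dynaddr and chooses iptables or ipchains from `uname -r`. The function names and rule-file paths are hypothetical, and the version check is generalized to kernels newer than 2.x.

```shell
#!/bin/sh
# Sketch of an rc.ipchains-style loader, sourced or run from rc.local.
# Rule-file paths are hypothetical placeholders, not from the original post.
IPTABLES_RULES=/etc/rc.d/rc.iptables.rules
IPCHAINS_RULES=/etc/rc.d/rc.ipchains.rules

# Print "iptables" for kernel 2.4 or higher, "ipchains" for 2.3 or lower.
# Uses `uname -r` when no release string is given; returns 1 if unparsable.
pick_filter_tool() {
    release=${1:-$(uname -r)}
    case "$release" in *.*) ;; *) return 1 ;; esac
    major=${release%%.*}          # "2.4.18" -> "2"
    rest=${release#*.}            # "2.4.18" -> "4.18"
    minor=${rest%%[!0-9]*}        # "4.18"   -> "4"
    case "$major" in ''|*[!0-9]*) return 1 ;; esac
    [ -n "$minor" ] || return 1
    if [ "$major" -gt 2 ] || { [ "$major" -eq 2 ] && [ "$minor" -ge 4 ]; }; then
        echo iptables
    else
        echo ipchains
    fi
}

# Load the matching rule set. Refuses to continue if the kernel version is
# unknown or the rule file is missing, so a failure is visible at boot.
apply_firewall() {
    tool=$(pick_filter_tool "$1") || { echo "cannot parse kernel release" >&2; return 1; }
    # Step 1 from the post: the dial-up address changes on every connect.
    echo 1 > /proc/sys/net/ipv4/ip_dynaddr
    case "$tool" in
        iptables) rules=$IPTABLES_RULES ;;
        *)        rules=$IPCHAINS_RULES ;;
    esac
    [ -r "$rules" ] || { echo "missing rule file $rules" >&2; return 1; }
    . "$rules"
}

# Dry run by default; pass "apply" (as root) to actually load the rules.
if [ "${1:-}" = apply ]; then
    apply_firewall
else
    echo "would load rules with: $(pick_filter_tool)"
fi
```

Running it with `apply` from rc.local during bootstrap, as described above, means the rules are already in place before the link is dialed.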