--- Andrew Smith <[EMAIL PROTECTED]> wrote:
> > Perfect!
> >
> > I tried your ipchains -A forward -i eth0 -j MASQ.. and it worked ;-)
> >
> > Thx very much.
> >
> > Again ..if you don't mind :-)
> >
> > If I put a script on /etc/rc.d/rc.firewall...How could I fire it up?
> >
> > thx
> I have no idea what is considered "correct",
> but from a security point of view (in RH7.1)
> I edit /etc/rc.d/init.d/network and add an
> extra line in between setting the network
> parameters and starting lo - as per:
>
> action $"Setting network parameters: " sysctl -e -p /etc/sysctl.conf
>
> action $"Starting the firewall: " /etc/rc.d/rc.firewall
>
> action $"Bringing up interface lo: " ./ifup ifcfg-lo
One way would be to add this to /etc/sysctl.conf
net.ipv4.ip_forward = 1
and run
# service ipchains save
# chkconfig ipchains on
plus, if not started already:
# service ipchains start
This would save the ipchains rules in /etc/sysconfig/ipchains and would
install the firewall at boot-time, too.
A second way is to run your custom firewall script from
/etc/rc.d/rc.local, although that would be after the other scripts in
/etc/rc?.d/ have been run.
Hence the third way is to link your custom firewall script from
/etc/rc?.d/ with a S-prefix and a priority number just like the other
initscripts.
HTH
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
_______________________________________________
Seawolf-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/seawolf-list
