> Having figured all this out, I am for the present quite happy to
> have it all in a script which I can easily hack. Is there however,
> another method intrinsic to RH 7 or even 6.0 which does all this
> already and about which I should know?
>
This stuff is RedHat specific
There is no need to cook your own ipchains scripts if you do not want to.
If you execute whatever script you want manually (and make active the
ipchains rules)
Then just do a "service ipchains save"
Your current rules will be saved to a script in /etc/sysconfig
Doing a "service ipchains start" or "service ipchains stop" will
activate/deactivate your rules.
Make sure the ipchains "service" (rc.d script) is enabled at you desired run
level.
"chkconfig --list" will list the services and runlevels
"chkconfig ipchains on" will set ipchains to start at the default runlevels
The only other hassle is turning on/off forwarding. This should be done in
/etc/sysctl.conf for a RH7
The other hassle is if you have any modules you need loaded like
ip_masq_ftp. Perhaps /etc/rc.d/rc.local is a good place.
If you are using dialup, the /etc/ppp/ip-up.local is a good place for
modules, ipchains rules, forwarding to be enabled.
There's aways lots of ways to do things :)
Ian
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
