Re: Firewall startup script

[Christoph Haas <email@christoph-haas.de>]

On Mon, Sep 06, 2004 at 09:54:52PM +0200, Lorenzo Rossi wrote:
> you have to know I a newb..

Most people have been at some time in their history. :)

> I know that in "/etc/initd/" there are lots of scripts....but I'm
> steel studing the language..

That are just shell scripts. I suggest you read some basics about UNIX
in general, Linux in special and Debian in very special. One nice URL to
look through is
http://www.debian.org/doc/manuals/reference/reference.en.html

> > I personally prefer to start the firewall script from
> > /etc/network/interfaces like this:
> > 
> > iface eth9 inet static
> > 	address ...
> > 	netmask ...
> > 	gateway ...
> > 	pre-up /etc/network/firewall.sh
> 
> This advice seem to be very nice, I go to test it.
> 
> Just one more question... :) Does the "pre-up" keyword meens that the
> Firewall is startup at the same time the interface is going up?

You may want to look at the interfaces(5) manual page (run "man 5
interfaces" from the command line). All those configuration settings are
described there.

> Looking at the prefix "pre" I should imagine that it start the firewall
> script before the interface is up, but this seem to me a bit strange...

Yes, that's correct. That doesn't slip anything through while the
interface is already up but the script is still being executed. In
reality it's just a matter of a second.

 Christoph

-- 
~
~
".signature" [Modified] 3 lines --100%--                3,41         All