
Re: FireHOL Question



Hi Juan,

I understand what you mean, but the thing is that /etc/init.d/iptables doesn't exist

viz

----- Original Message ----- From: "Juan Carlos Inostroza" <jci@tux.cl>
To: "vizi0n (debian-firewall)" <debian-firewall@vizi0n.com>
Sent: Monday, September 27, 2004 5:08 PM
Subject: Re: FireHOL Question


On Mon, 2004-09-27 at 16:43, vizi0n (debian-firewall) wrote:
Hi Raul!

I managed to save my table but I don't really understand how to load it on boot, because I don't have any iptable file in /etc/init.d/, only my firehol script

Automatically it will load the "active" chainset if you have a sysv
symbolic link on /etc/rc<runlevel>.d

If not:

cd /etc/rc<runlevel>.d
ln -s ../init.d/iptables S<startup number>iptables

<runlevel> must be the same on /etc/inittab (the default runlevel) or
whatever runlevel you want. <startup number> is a number between 00 and
99. I personally choose 12 or 10.

Or, if you want, "the debian way":

# update-rc.d iptables start <startup number> <runlevel> .

(make sure there's a dot on the end of the line)

To write the active chainset:

/etc/init.d/iptables save active

(make sure the directory /var/lib/iptables exists).

To make an inactive chainset:

iptables -F
iptables -F -t nat
iptables -F -t mangle
/etc/init.d/iptables save inactive

Regards,

--
Juan Carlos Inostroza O.
Registered Linux User #246002
jci@tux.cl - http://www.tux.cl - http://foros.tux.cl
Blogging for fun _and_ profit : http://jci.codemonkey.cl
"We are just packets in the Internet of Life" -- UserFriendly
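
The steps quoted above only load a chainset at boot if the start link resolves to a real init script, which is the problem raised in the reply. The following check is an added example, not part of the thread: it verifies the default runlevel from /etc/inittab, the init script, the `S<startup number>iptables` link and /var/lib/iptables. The function name `check_iptables_boot` and its root-directory argument are hypothetical and exist only so the check can be run against a test tree.

```shell
#!/bin/sh
# Added example, not from the thread.
# Usage: check_iptables_boot ""          (inspect the live system)
#        check_iptables_boot /some/tree  (inspect a copy or test tree)
check_iptables_boot() {
    root="${1:-}"
    status=0

    # Default runlevel: the "id:<n>:initdefault:" line in /etc/inittab.
    runlevel=$(sed -n 's/^id:\([0-9S]\):initdefault:.*/\1/p' \
        "$root/etc/inittab" 2>/dev/null | head -n 1)
    if [ -z "$runlevel" ]; then
        echo "FAIL: no default runlevel found in $root/etc/inittab"
        return 1
    fi

    # The init script that the rc link is supposed to point at.
    if [ ! -x "$root/etc/init.d/iptables" ]; then
        echo "FAIL: $root/etc/init.d/iptables is missing or not executable"
        status=1
    fi

    # A start link S<NN>iptables must exist in rc<runlevel>.d and resolve.
    found=0
    for link in "$root/etc/rc$runlevel.d"/S[0-9][0-9]iptables; do
        [ -L "$link" ] || continue      # also skips the unmatched glob
        found=1
        if [ ! -e "$link" ]; then       # -e follows the link
            echo "FAIL: $link is a dangling symlink"
            status=1
        fi
    done
    if [ "$found" -eq 0 ]; then
        echo "FAIL: no S<NN>iptables link in $root/etc/rc$runlevel.d"
        status=1
    fi

    # "save active" writes under /var/lib/iptables, so it must exist.
    if [ ! -d "$root/var/lib/iptables" ]; then
        echo "FAIL: $root/var/lib/iptables does not exist"
        status=1
    fi

    if [ "$status" -eq 0 ]; then
        echo "OK: iptables chainset will be loaded in runlevel $runlevel"
    fi
    return "$status"
}
```

A non-zero return means the firewall rules would not be restored after a reboot.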




