Re: my guess as to where to put the dialup iptables rules

[Dan Jacobson <jidanni@deadspam.com>]

>>>>> "m" == marshal  <marshal@h9.dion.ne.jp> writes:

m> One thing that you could do, since you've installed iptables, is setup
m> all the chains manually.  Then run (as root)

m> /etc/init.d/iptables save active

m> And if you always want them to be the same

m> /etc/init.d/iptables save inactive.

m> This will save the chains so that they start up everytime that you
m> boot the computer and turn off the computer (respectively.).  Of
m> course, that's if you have the /etc/rc?.d/ directories setup for it.

m> Look at /etc/default/iptables for more info.

Yes, and that's where he says not to use that "state saving" way, an
instead use a more traditional rc file approach that i feel is cleaner
too.  there he tosses about several alternatives, from which I guessed
/etc/network/if-pre-up.d/... as according to ls -lt it indeed gets
read at boot. 

m> Good Luck.

indeed.  We will see at next boot.  Maybe I will lock myself out of
the keyboard, to y'all's relief.

>>>>> "Dan" == Dan Jacobson <jidanni@deadspam.com> writes:

Dan> Regarding Rusty's Really Quick Guide To Packet Filtering
Dan> /usr/share/doc/iptables/html/packet-filtering-HOWTO.html#toc5
Dan> where are we supposed to put that?
Dan> /etc/network/if-pre-up.d/somefile I suppose.

Dan> If you tell me to put it in /etc/ppp/ip-up.d I will tell you
Dan> that it only needs to be run once...
-- 
http://jidanni.org/ Taiwan(04)25854780


-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org