[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian equivalent of rc.firewall??

"Bao Ha" <baoh@linuxwizardry.com> writes:

> You can try to insert it in rc.boot/local.

 rc.boot is obsolete in Debian, rc.S must be used instead.

 Anyway, imho a masquerading script does not necessarily need to be
executed rc.S. At least, you would not be able to switch between
firewall / non-firewall config via runlevels, if you chose that option.

 Actually, it seems that it very much depends on your setup how your
"firewall script" should be employed.

 o If it does not depend on anything else, I think its best to add a
local script (the /etc/init.d/local-firewall start stop kind), and
activate it either via ifup or init, as already suggested.

 o If it does depend on the current situations (e.g. ppp link), I
think ipmasq.deb might be a good choice (but you *really* must have a
look at the default conf as it is very liberal. You could, however,
just remove the whole default config, and put your old script to
/etc/ipmasq/rules/00firewall.rul, as I did ;)).


Stephan A Suerken <absurd@olurdix.de>

Reply to: