
Re: [iptables] init script

Rainer Ellinger <rainer@ellinger.de> writes:

> Davi Leal wrote:
> > Is there an iptables standard script, as "/etc/network/interface" to
> > network interfaces?
> Yes, configure and read /etc/default/iptables and save your running
> iptables ruleset with /etc/init.d/iptables save active

Better yet, forget the whole /etc/default/iptables stuff and set your
firewalling up through appropriate scripts in the /etc/network/if-*.d/
directories.  For an idea on how you could go about this, have a look
at the attached tarball.

Oh, by the way, you can just ignore those /etc/default/trusted-path
lines.  They are left-overs from centrally enforcing a trusted path
(what else?)  in my shell scripts.  Since all scripts are using an
absolute path to invoke iptables, they don't have any effect.

Olaf Meeuwissen                            Epson Kowa Corporation, CID
GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97  976A 16C7 F27D 6BE3 7D90
LPIC-2               -- I hack, therefore I am --                 BOFH

Attachment: iptables-conf.tar.gz
Description: iptables configuration via /etc/network/if-*.d scripts
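
Added illustration of the /etc/network/if-*.d/ approach from the message above; it is not the content of the attached tarball and not the poster's code. It sketches a hook for /etc/network/if-pre-up.d/ that calls iptables-restore by absolute path. The file name, the single-interface host, the rule set and the open SSH port are assumptions, and loading it replaces the whole filter table.

```shell
#!/bin/sh
# Constructed example; hypothetical path /etc/network/if-pre-up.d/00-firewall.
# ifupdown runs hooks in this directory before the interface comes up and
# exports IFACE, MODE and ADDRFAM into their environment.

# Absolute path: the hook never depends on whatever PATH it inherits.
IPTABLES_RESTORE=/sbin/iptables-restore

# Print a default-deny inbound ruleset for one interface (iptables-restore format).
# The rules themselves are sample values, not taken from the thread.
build_rules() {
    iface=$1
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $iface -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $iface -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

# Decide whether this invocation should touch the firewall.
# Arguments: interface, mode, address family.
should_apply() {
    case "$1" in ''|lo|--all) return 1 ;; esac
    [ "$2" = start ] && [ "$3" = inet ]
}

# Validate the interface name, dry-run the ruleset, then load it.
apply_rules() {
    # Reject names with unexpected characters before they reach a rule line.
    case "$1" in *[!A-Za-z0-9_.:-]*) return 2 ;; esac
    build_rules "$1" | "$IPTABLES_RESTORE" --test || return 1
    build_rules "$1" | "$IPTABLES_RESTORE"
}

if should_apply "${IFACE:-}" "${MODE:-}" "${ADDRFAM:-}"; then
    # A non-zero exit reports the hook as failed to ifupdown.
    apply_rules "$IFACE" || { echo "firewall: failed for $IFACE" >&2; exit 1; }
fi
```

The matching teardown, if wanted, belongs in a separate hook under /etc/network/if-post-down.d/.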
