RE: script init
> -----Original Message-----
> From: sim ton [mailto:firewall38@lycos.com]
> Sent: Wednesday, June 05, 2002 5:20 AM
> To: debian
> Subject: script init
>
> so my firewall is almost good :)
> but i want to init it at any reboot ...
> i've heard of iptables-save and i used it but i don't really
> know how it works because it didn't work
> so i just need a easy solution which is running my script
> firewall.sh at any reboot
Assuming you have your firewall.sh script in /etc/init.d, you can do
this:
# chmod 755 /etc/init.d/firewall.sh
# cd /etc/rc2.d [or whatever is default runlevel]
# ln -s /etc/init.d/firewall.sh S90firewall
This creates a symbolic link to the actual firewall script: in the
/etc/rc#.d directories, the higher the S##, the later it loads at boot
time. So S10<script> will run before S11<script>, and S99<script> would
be the very last. It's up to you when you want it to run (before or
after the other programs); some people say the firewall should be the
very *first* thing.
Repeat for each runlevel that you want the firewall to protect. I
believe Debian starts in runlevel 2 by default, but you can verify what
you're currently using by just typing "runlevel" at a prompt. This,
BTW, is set in /etc/inittab...
For now, don't add it to runlevel 0, 1 or 6, which equate to "halt"
(power-down), "single-user" (barely anything running) and "reboot". 0
and 6 need a different symlink, i.e. K90firewall (S for start, K for
kill). And it would be pointless, because your script probably doesn't
parse start|restart|stop, etc; in fact, the effect would be
counterproductive, turning it ON instead of off.
Alright, that's one way to run your firewall. Another is with
"update-rc.d" (which is specific to Debian, and similar to RedHat's
"chkconfig"). If you want more information on it, try "man
update-rc.d". :)
HTH,
Jeff Bonner
--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: