Re: Where to place firewall files?
Debian has a nice script called /etc/init.d/iptables. Just free all your
rules and type:
# /etc/init.d/iptables save inactive
Then setup all your rules ant save them:
# /etc/init.d/iptables save active
After this you can free your rules with:
# /etc/init.d/iptables stop
and start them again whith:
# /etc/init.d/iptables start
Your firewall will start automaticaly on startup.
Another way is to use "up command" from interfaces. You can set up your
firewall when an interface comes up. Just place your rules in an
executable script and add one line to /etc/network/interfaces:
auto eth0:1
iface eth0:1 inet static
address 192.168.0.2
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
up /path/to/your/fw.script
Martynas
Pr, 2003-01-20 23:01, mmicek@csz.com rašė:
> On Sat, Jan 18, 2003 at 08:53:42AM +0100, Leszek Szczepanowski wrote:
> > My question is about, where in Debian place firewall files ?
>
> Depends on the package used for setting up the firewall. If
> none, anywhere, probably in /etc. I have ipchains.rules in
> /etc and a script "packetfilter" in /etc/init.d. If using
> ipmasq, /etc/ipmasq.
>
> > And what is better - some plain file with set of 'iptables' commands,
> > or more complicated set of scripts which interpretes rules from
> > file?
>
> I've done it both ways, and I feel better about using
> ipmasq.
>
> > And related question, just in case, where to define ethernet aliases,
> > to be more smart than 'slackware' set of "autoexec" files...
>
> You mean /etc/network/interfaces?
>
> auto eth0:1
> iface eth0:1 inet static
> address 192.168.0.2
> netmask 255.255.255.0
> network 192.168.0.0
> broadcast 192.168.0.255
>
> --
> Michael J. Micek, CyberStrategies, Inc. sysadmin
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: