Re: Firewall Startup Configuration files

[Jose Alberto <jose-debianlists@iteso.mx>]

 Check /etc/sysctl.conf

 You can set anything settable under /proc/sys with this file, it is 
part of the sysctl program, and it's run at startup before any runlevel 
by /etc/rcS.d/S30procps (at least in sarge, woody is probably the same).


  Cheers

Magnus Sundberg wrote:
> Dear sirs,
> I am in the process of migrating my old redhat 7.1 based firewall to 
> Debian.
> On the old firewall, I replaced the /etc/init.d/iptables script with a 
> huge home written script.
> This script loaded all filter chains, one by one, and did some changes 
> to /proc/sys/net/ipv4/
>     ip_conntrack_max
>     ip_local_port_range
>     tcp_en
>     ...
>
> Now,
> I want to have one start script that sets up the kernel parameters, and 
> I want to have my separate config script, with all chains, then I want 
> to run init like:
>
> <Setup kernel parameters>
> iptables start
>
> to configure my firewall, I would do something like
>
> # run_my_firewall_chain_script
> # /etc/init.d/iptables save
>
> Well thats the background information, sorry to keep it so long.
>
> Which configuration file is supposed to keep the kernel parameters?
>
> Sorry for such a long simple question.
>
> Is there a FAQ for this list?
>
> regards,
> Magnus Sundberg