Re: /etc/init.d/iptables
Ivan Shmakov a écrit :
> Jonathan Yu <jonathan.i.yu@gmail.com> writes:
>>
>> I apparently used /etc/network/if-pre-up.d (I can't remember the
>> reasoning why, but I guess it's useful to make sure you load the
>> rules prior to bringing the interfaces up, which means the rules will
>> be there once network connectivity is brought up)
>
> Yes. However, doesn't if-pre-up.d/ get activated every time an
> interface is brought up?
Indeed.
My opinion is that only interface-specific action such as creating
interface-specific firewall rules should be performed in
/etc/network/if-*.d/ scripts, as well as in /etc/ppp/ip*.d/ scripts. Non
interface-specific commands should be performed by an init script before
the network script runs.
Reply to: