Re: /etc/init.d/iptables

[Ivan Shmakov <oneingray@gmail.com>]

>>>>> Kinglok, FONG <busywater@gmail.com> writes:
>>>>> Jonathan Yu <jonathan.i.yu@gmail.com> wrote:

[...]

 > Thank you Jonathan for writing the nice blog article and it works.
 > But it requries some customization in debian Lenny.

 > For some reason, the script in /etc/network/if-pre-up.d/ doesn't load
 > up by default.

	Did you set the execute permission on the script?

# chmod +x /etc/network/if-pre-up.d/SCRIPTNAMEHERE 

 >> I apparently used /etc/network/if-pre-up.d (I can't remember the
 >> reasoning why, but I guess it's useful to make sure you load the
 >> rules prior to bringing the interfaces up, which means the rules
 >> will be there once network connectivity is brought up)

 > You have to explicitly call it from /etc/network/interfaces like:

 > auto eth0
 > iface eth0 inet static
[...]
 >         pre-up /etc/network/if-pre-up.d/iptables

	It somewhat defeats its advantage of /not/ having it mentioned
	for each of the host's interfaces.

auto eth0 eth1 ...
iface eth0 inet static
    ...
    pre-up /etc/network/if-pre-up.d/iptables
iface eth1 inet static
    ...
    pre-up /etc/network/if-pre-up.d/iptables
...

[...]

-- 
FSF associate member #7257