
Re: iptables default



Hi,

On Thu, Mar 13, 2003 at 01:14:30PM +1100, Glenn Hocking wrote:

> Hi all
> 
> I've got a couple of simple port forwarding rules to forward from a 
> debian/testing ADSL Internet gateway to a Citrix box but am unsure how 
> to make them stay loaded after a reboot.
> 
> Is there a default rule table somewhere? Or do I need to just execute 
> the commands from a script on startup?

No, yes.

I usually create an /etc/init.d/firewall for this purpose which I link
to from /etc/rc2.d/S25firewall and /etc/rc0.d/K15firewall.

A simple version contains something like this:

#!/bin/sh
# Trace each command as it runs
set -x

case "$1" in
	start|restart|reload)
	echo "Establishing firewall."
	;;

	stop)
	echo "Removing firewall."
	;;

	*)
	echo "Usage: $0 {start|stop}"
	exit 1
	;;
esac


### Flush rules and delete custom chains

# Without -t, this flushes the filter table only
iptables -F

# iptables -X customchain1 2>/dev/null
# iptables -X customchain2 2>/dev/null

# On stop, leave the rules flushed and exit
[ "$1" = stop ] && exit 0


### Create custom chains and rules below

...


Cheers,



Emile.

-- 
E-Advies - Emile van Bergen           emile@e-advies.nl      
tel. +31 (0)70 3906153           http://www.e-advies.nl    
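
The same start/stop pattern applied to the port-forwarding case from the question, as an added example that is not part of Emile's message. The interface name, internal address, port 1494 (the Citrix ICA default), the PORTFWD chain name and the DRY_RUN switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Values below are assumptions.
WAN_IF=${WAN_IF:-ppp0}                # assumed ADSL interface name
CITRIX_IP=${CITRIX_IP:-192.168.1.10}  # constructed internal address
ICA_PORT=${ICA_PORT:-1494}            # Citrix ICA default TCP port
CHAIN=PORTFWD                         # hypothetical chain owned by this script

# Run iptables, or print the command when DRY_RUN is set (for review/testing).
ipt() {
    if [ -n "${DRY_RUN:-}" ]; then
        printf 'iptables %s\n' "$*"
    else
        iptables "$@"
    fi
}

# Remove only what this script added; other nat rules (e.g. masquerading
# configured elsewhere) are left alone, unlike a bare "iptables -t nat -F".
fw_stop() {
    ipt -t nat -D PREROUTING -j "$CHAIN" 2>/dev/null || true
    ipt -t nat -F "$CHAIN" 2>/dev/null || true
    ipt -t nat -X "$CHAIN" 2>/dev/null || true
}

fw_start() {
    fw_stop    # makes start/restart/reload idempotent
    ipt -t nat -N "$CHAIN"
    # Rewrite inbound ICA connections arriving on the WAN side to the Citrix box.
    # A FORWARD policy of DROP additionally needs a matching ACCEPT rule.
    ipt -t nat -A "$CHAIN" -i "$WAN_IF" -p tcp --dport "$ICA_PORT" \
        -j DNAT --to-destination "$CITRIX_IP:$ICA_PORT"
    ipt -t nat -A PREROUTING -j "$CHAIN"
}

fw_main() {
    case "${1:-}" in
        start|restart|reload) fw_start ;;
        stop)                 fw_stop ;;
        *) echo "Usage: $0 {start|stop}" >&2; return 1 ;;
    esac
}

# Dispatch only when an action is given, so the file can also be sourced.
if [ $# -gt 0 ]; then fw_main "$@"; fi
```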


