
Re: iptables question - location



On Thu 04 Jul 2002 11:31, Nicos Gollan commented:
> On Thursday 04 July 2002 02:32, Hubert Chan wrote:
> > >>>>> "Curtis" == Curtis Vaughan <curtis@npc-usa.com> writes:
> >
> > Curtis> I would like to edit the iptables script file, which according
> > Curtis> to one source should be located in /etc/rc.d/init.d/iptables
> >                                                 ^^^^^
> >
> > No rc.d in Debian.  dpkg -S says:
> >
> > # dpkg -S /etc/init.d/iptables
> > iptables: /etc/init.d/iptables
> >
> > This is from iptables 1.2.6a-6 from sid (but should be there in
> > whatever version Woody has too).  It obviously won't be in Potato
> > since Potato predates Linux 2.4 and iptables.
> >
> > Curtis> Is this a script I need to create from scratch?
> >
> > I built mine from scratch.  It's not really that hard if you read
> > the iptables docs.
>
> The provided init script is pretty cool IMHO, it just isn't called by
> default. You can enable it with dpkg-reconfigure iptables.

Quoted from "/etc/default/iptables":

# Now for a short question and answer session:
#
# Q: You concocted this init.d setup, but you do not like it?
# A: I was pretty much hounded into providing it. I do not like it.
#    Don't use it. Use /etc/network/interfaces, use /etc/network/*.d/
#    scripts use /etc/ppp/ip-*.d/ script. Create your own custom
#    init.d script -- no need to even name it iptables.  Use ferm,
#    ipmasq, ipmenu, guarddog, firestarter, or one of the many other
#    firewall configuration tools available. Do not use the init.d
#    script.
#
# Q: What is this iptables init.d setup all about?
# A: The iptables init.d setup saves and restores whole iptables's
#    table rulesets. That's basically it. It doesn't create any
#    iptables rules nor provide for running any iptables rules.
#    That also implies no support at all for dynamic rules.

> What the script does is use the iptables-[save|restore] scripts to
> handle configurations saved in /var/lib/iptables (the files used are
> active and inactive). If the script is linked into the runlevels, you
> just have to create your configuration, save it with
>
> iptables-save > /var/lib/iptables/active
>
> and the configuration will be restored upon reboot.
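
The save step quoted above redirects straight into the file that is restored at boot, so an `iptables-save` that fails partway leaves a truncated `active`. The following is an added example, not part of the thread or of the Debian package, that checks a dump for complete `*table` ... `COMMIT` sections and installs it with an atomic rename; `check_ruleset` and `install_active` are hypothetical helper names and the sample rulesets are constructed.

```shell
#!/bin/sh
# Added example, not from the thread; helper names are hypothetical.

# Succeed only if FILE looks like complete iptables-save output: at least
# one "*table" section, each closed by COMMIT, nothing outside a section.
check_ruleset() {
    awk '
        /^#/ || NF == 0 { next }                      # comments, blank lines
        /^\*/      { if (in_table) bad = 1; in_table = 1; tables++; next }
        /^COMMIT$/ { if (!in_table) bad = 1; in_table = 0; next }
        /^:/ || /^-/ || /^\[/ { if (!in_table) bad = 1; next }  # chains, rules
        { bad = 1 }                                   # unrecognised line
        END { if (bad || in_table || tables == 0) exit 1 }
    ' "$1"
}

# Validate SRC, then replace DIR/active with a single rename, so a failed
# or partial save never becomes the ruleset restored at boot.
install_active() {
    src=$1 dir=${2:-/var/lib/iptables}
    check_ruleset "$src" || { echo "refusing incomplete ruleset: $src" >&2; return 1; }
    tmp=$(mktemp "$dir/active.XXXXXX") || return 1    # created with mode 0600
    cat "$src" > "$tmp" && mv -f "$tmp" "$dir/active" || { rm -f "$tmp"; return 1; }
}

# As root, instead of redirecting iptables-save straight into active:
#   new=$(mktemp) && iptables-save > "$new" && install_active "$new"; rm -f "$new"

# Demo on constructed rulesets in a scratch directory (no root needed).
d=$(mktemp -d)
printf '%s\n' '*filter' ':INPUT DROP [0:0]' '-A INPUT -i lo -j ACCEPT' 'COMMIT' > "$d/good"
printf '%s\n' '*filter' ':INPUT DROP [0:0]' > "$d/truncated"   # save died mid-write
install_active "$d/good" "$d" && echo "installed $(wc -l < "$d/active") lines"
install_active "$d/truncated" "$d" || echo "active left unchanged"
rm -rf "$d"
```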

