Re: iptables and adsl modem at boot time
Florian Ernst wrote:
Hello 'H. S.'!
On Fri, Nov 28, 2003 at 02:52:48AM -0500, H. S. wrote:
[... Customizing the boot process ...]
IN google, I have read suggestion which mainly say to put it in init.d
have a soft link in /etc/rcS.d (?) Can somebody attest to this?
See the corresponding chapter from the Debian Reference at
You might just want to read the whole reference as well, as it
contains lots of valuable information.
Yup, that helped a bit. So I should put my script (my-firewall.sh) in
/etc/init.d and then do:
$> update-rc.d my-firewall.sh defaults N
Where N should a number indicating that run this script before any
interface is brought up, right?
Assuming that is correct, I see an immediate problem as I read Section
2.4.2 Runlevels of the link you have given above. My script does not
have start, stop, reload options. So I guess I shouldn't put that script
in /etc/init.d (?)
If I shouldn't put the firewall script in /etc/init.d, one other option
is see as follows:
1) Set the default iptables (the script that comes with Debian) such
that it block everything
2) call the "my-firewall.sh" script from maybe "pon" script.
So when the computer boots up, the default secure firewall rules will
already be in place when ppp0 is brought up, and while 'pon' brings up
ppp0, it will execute "my-firewall.sh" script before it actually brings
ppp0 up. What do you make of this plan?