Re: iptables/firestarter

To: debian-user@lists.debian.org
Cc: debian-user@lists.debian.org
Subject: Re: iptables/firestarter
From: Jeff Soules <soules@gmail.com>
Date: Fri, 16 Jan 2009 23:24:37 -0500
Message-id: <[🔎] c956da920901162024i47611387x817ae58d1406c4da@mail.gmail.com>
In-reply-to: <[🔎] 52d26d930901161935o58bd8fc8obcbe9d4bff9de1e2@mail.gmail.com>
References: <[🔎] 200901161658.19186.ale@pcartwright.com> <[🔎] 52d26d930901161935o58bd8fc8obcbe9d4bff9de1e2@mail.gmail.com>

>> on my system but it isn't running, and I don't think I ever set it up. All I
>> want is for my web port rule to start every time I boot, but I can't find
>> anywhere in the system where iptables is saved, or where to put this one line
>> rule so it starts every time.

http://www.debian-administration.org/articles/615 has more information
about this topic.

Personally, I do this:

Ensure that you have your firewall rules set up as you wish them.
Then, edit /etc/network/interfaces to add the following:

# Bring up firewall
pre-up iptables-restore < /etc/iptables.rules

# And save fw state on shutdown
post-down iptables-save -c > /etc/iptables.rules


However, people seem to be saying that this may have drawbacks, as if
you add a bad rule or otherwise negatively alter your ruleset, it
would get automatically saved.  Since I make all edits to my iptables
rules in a shell script that I source when I want to change them, I'm
not too worried about that, but you can see several alternate
solutions from the link above.

Hope this helps!

On Fri, Jan 16, 2009 at 10:35 PM, Umarzuki Mochlis <umarzuki@gmail.com> wrote:
> Perhaps you can run
> # update-rc.d <your-desired-program>
>
> To make iptables start at boot-up for every runlevel. never tried this
> but i read from http://www.rexx.com/~dkuhlman/iptables_install.html
> (check step number 7)
>
> 2009/1/17 Paul Cartwright <ale@pcartwright.com>:
>> I am having a small problem with my system. I started a small web server, so I
>> could share photos. nginx & gallery2 are working just fine, easy to setup and
>> use! The problem is, I just rebooted, and I have to rerun the iptables
>> command to open port 80 for my web server again. I see there is firestarter
>> on my system but it isn't running, and I don't think I ever set it up. All I
>> want is for my web port rule to start every time I boot, but I can't find
>> anywhere in the system where iptables is saved, or where to put this one line
>> rule so it starts every time.
>> wiki.debian.org didn't have an iptables section, just shorewall.

Reply to:

Follow-Ups:
- Re: iptables/firestarter
  - From: Paul Cartwright <ale@pcartwright.com>

References:
- iptables/firestarter
  - From: Paul Cartwright <ale@pcartwright.com>
- Re: iptables/firestarter
  - From: "Umarzuki Mochlis" <umarzuki@gmail.com>

Prev by Date: Re: tv/radio card
Next by Date: Re: tv/radio card
Previous by thread: Re: iptables/firestarter
Next by thread: Re: iptables/firestarter
Index(es):
- Date
- Thread