[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables service with debian

Hello,

Tom H a écrit :
> On Fri, Apr 27, 2012 at 6:59 PM, Pascal Hambourg <pascal@plouf.fr.eu.org> wrote:
>> Tom H a écrit :
>>> It's best to run an iptables script from "/etc/network/if-pre-up.d/".
>> Only for the rules which are related to a specific interface. Ruleset
>> initialization should not be done from there.
> 
> Why not?

Because it makes no sense to re-initialize the ruleset every time an
interface is activated.

> Is this documented somewhere? If not, from where should
> iptables rules be launched?

Iptables should be initialized from an initscript run before networking.
Reply to: