Re: stretch vs iptables auto-start
On Sun, 2020-08-23 at 14:26 -0400, Gene Heskett wrote:
> Greetings all;
>
> Since the big conversion of file structs vs who owns what, which
> apparently includes running rc.local as the logged in user and not
> as
> root, that has hidden the iptables stuff from everybody but root
> since
> its not now in the users $PATH.
>
> So what is the best way to assure this stuff gets started during a
> reboot
On my Debian box acting as a router, currently running Buster but been
running for about 10 years of Debian upgrades, I start my firewall by
this line in /etc/network/interfaces
pre-up /root/firewall.sh
Where firewall.sh is a shell script of iptables rules (that also stops
and restarts fail2ban amongst other housekeeping tasks).
I have that pre-up command in the section for my ADSL line, the full
list of commands is
auto dsl-provider
iface dsl-provider inet ppp
pre-up /sbin/ifconfig eth0 up # line maintained by pppoeconf
pre-up /root/firewall.sh
provider dsl-provider
My thinking was that before bringing up my ADSL connection to the
internet I need to make sure that eth0 is up because that connects to
my modem, then install my firewall.
My server is using sysvinit not systemd.
--
Tixy
Reply to: