
Re: stretch vs iptables auto-start



On Sun, 2020-08-23 at 14:26 -0400, Gene Heskett wrote:
> Greetings all;
> 
> Since the big conversion of file structs vs who owns what, which
> apparently includes running rc.local as the logged in user and not as
> root, that has hidden the iptables stuff from everybody but root since
> it's not now in the user's $PATH.
> 
> So what is the best way to assure this stuff gets started during a
> reboot

On my Debian box acting as a router, currently running Buster but been
running for about 10 years of Debian upgrades, I start my firewall by
this line in /etc/network/interfaces

  pre-up /root/firewall.sh

Where firewall.sh is a shell script of iptables rules (that also stops
and restarts fail2ban amongst other housekeeping tasks).

I have that pre-up command in the section for my ADSL line, the full
list of commands is

  auto dsl-provider
  iface dsl-provider inet ppp
  pre-up /sbin/ifconfig eth0 up # line maintained by pppoeconf
  pre-up /root/firewall.sh
  provider dsl-provider

My thinking was that before bringing up my ADSL connection to the
internet I need to make sure that eth0 is up because that connects to
my modem, then install my firewall.

My server is using sysvinit not systemd.

-- 
Tixy
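
A pre-up hook like the one described above is most useful when it fails closed: interfaces(5) documents that ifup aborts when a pre-up command fails, so a script that exits non-zero on the first failed rule keeps the link down. The sketch below is an added example, not Tixy's firewall.sh; the rule set and the interface names ppp0 and eth1 are assumptions, and the fail2ban handling mentioned in the message is left out.

```shell
#!/bin/sh
# Constructed example of a pre-up firewall script; rules and names are assumptions.
IPT="${IPT:-/sbin/iptables}"   # absolute path: hooks do not inherit a login $PATH
WAN="${WAN:-ppp0}"             # assumed name of the PPP link to the internet
LAN="${LAN:-eth1}"             # assumed name of the inside interface

# Run one iptables command and report the first failure to the caller.
rule() {
    "$IPT" "$@" || { echo "firewall: failed: $IPT $*" >&2; return 1; }
}

apply_rules() {
    # Default-deny policies go in first, so a failure part-way through
    # leaves the box closed rather than half open.
    rule -P INPUT DROP &&
    rule -P FORWARD DROP &&
    rule -P OUTPUT ACCEPT &&
    rule -F &&
    rule -t nat -F &&
    rule -A INPUT -i lo -j ACCEPT &&
    rule -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT &&
    rule -A INPUT -i "$LAN" -j ACCEPT &&
    rule -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT &&
    rule -A FORWARD -i "$LAN" -o "$WAN" -j ACCEPT &&
    rule -t nat -A POSTROUTING -o "$WAN" -j MASQUERADE
}

# Apply only when run as the hook itself (pre-up /root/firewall.sh),
# not when the file is sourced or tested. A non-zero exit makes ifup abort.
case "$0" in
    */firewall.sh) apply_rules || exit 1 ;;
esac
```

Rules that name ppp0 can be loaded before the link exists, which is why the hook can run in pre-up.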

