Re: stretch vs iptables auto-start

To: debian-user@lists.debian.org
Subject: Re: stretch vs iptables auto-start
From: Joe <joe@jretrading.com>
Date: Mon, 24 Aug 2020 09:29:34 +0100
Message-id: <[🔎] 20200824092934.2604bf28@jresid.jretrading.com>
In-reply-to: <[🔎] 202008232134.12411.gheskett@shentel.net>
References: <[🔎] 202008231426.19755.gheskett@shentel.net> <[🔎] 20200823204522.39990e34@jresid.jretrading.com> <[🔎] 202008232134.12411.gheskett@shentel.net>

On Sun, 23 Aug 2020 21:34:12 -0400
Gene Heskett <gheskett@shentel.net> wrote:

> On Sunday 23 August 2020 15:45:22 Joe wrote:
> 

> >
> > My server iptables is inherited from, I think, sarge, so it's
> > probably not done optimally today. It's an init script run from
> > /etc/rcS.d.  
> 
> Ah,/etc/rcS.d/S18netfilter-persistent
> but that does not mention iptables anyplace in it.  Whats the diff?
> 

Not quite. I have a pseudo-daemon script (lifted from Linux From
Scratch, before the auto-builds happened) that accepts a filename, so I
can have a couple of sets of rules, plus a status command to tell me
which is currently installed, and flush and stop commands to clear the
rules or to stop everything. 

My server only ever needs one set, but my netbook boots up into
suitable rules for public wifi, and I run a different set on a trusted
LAN. The netbook doesn't use my old daemon script, but uses
iptables-persistent and I just run other rulesets manually when needed.

-- 
Joe

Reply to:

References:
- stretch vs iptables auto-start
  - From: Gene Heskett <gheskett@shentel.net>
- Re: stretch vs iptables auto-start
  - From: Joe <joe@jretrading.com>
- Re: stretch vs iptables auto-start
  - From: Gene Heskett <gheskett@shentel.net>

Prev by Date: Re: stretch vs iptables auto-start
Next by Date: Re: Homebuilt NAS: System Drive Filesystem?
Previous by thread: Re: stretch vs iptables auto-start
Next by thread: Re: stretch vs iptables auto-start
Index(es):
- Date
- Thread