[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Firewall config rules
You *should* put it in rc.d/init.d since it is a service activation. Your
script can run ipchains with rules to put up the firewall on the start
script, and rules to take down the firewall on the shutdown script. Of
course this is if you want to go by the book: Taking down the firewall rules
is meaningless when shutting down.
Just make sure you do it early enough in the boot process before any network
interfaces are activated.
-------------------------
Aviram Jenik
"Addicted to Chaos"
-------------------------
Today's quote:
You can't expect to hit the jackpot if you don't
put a few nickels in the machine.
- Flip Wilson, 1971
----- Original Message -----
From: "Boaz Rymland" <rboaz@techunix.technion.ac.il>
To: "Linux-IL" <linux-il@linux.org.il>
Sent: Thursday, September 16, 1999 9:37 AM
Subject: Firewall config rules
> I'm fixing a nice firewalling setup on a home machine.
>
> I'm not sure about the location of the rules setup. I know it's suppose to
> be *before* the interfaces are coming up. My system it RedHat 6 - 2.2.10
> (sys V initialization)
>
> Should I put the rules in /etc/rc.d/init.c/network ? (RedHat manual
> specifically says that the files at /etc/rc.s/init.d/ are for services
> activation rather than for "run-once&exit" programs (like ipchains?)).
>
> Will it be good to use the "ipchains-restore" facility ? (I know it's
> pretty simple, but could you tip a little about that ?)
>
> TIA,
> Boaz.
>
>
> =================================================================
> To unsubscribe, send mail to linux-il-request@linux.org.il with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail linux-il-request@linux.org.il
>
>
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il