From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.43) id 1DtUx2-0005X1-N3 for garchives@archives.gentoo.org; Fri, 15 Jul 2005 18:30:21 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j6FIT2kX000145; Fri, 15 Jul 2005 18:29:02 GMT Received: from smtp.gentoo.org (smtp.gentoo.org [134.68.220.30]) by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j6FIT1du015484 for ; Fri, 15 Jul 2005 18:29:01 GMT Received: from car75-2-82-66-60-148.fbx.proxad.net ([82.66.60.148]) by smtp.gentoo.org with esmtpa (Exim 4.43) id 1DtUw3-0005Oi-4F for gentoo-embedded@lists.gentoo.org; Fri, 15 Jul 2005 18:29:19 +0000 Message-ID: <42D8007F.5020102@gentoo.org> Date: Fri, 15 Jul 2005 20:29:19 +0200 From: Thierry Carrez Organization: Gentoo Linux User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050326) X-Accept-Language: en-us, en Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-embedded@gentoo.org Reply-to: gentoo-embedded@lists.gentoo.org MIME-Version: 1.0 To: gentoo-embedded@lists.gentoo.org Subject: Re: [gentoo-embedded] Using iptables alone without shorewall/firehol References: <8568e72d050714061741d809ab@mail.gmail.com> <42D69BA1.9070203@gentoo.org> <8568e72d0507141008426be71f@mail.gmail.com> <42D69D30.1020101@gentoo.org> <8568e72d05071410313b9c4996@mail.gmail.com> <8568e72d05071510335974507e@mail.gmail.com> In-Reply-To: <8568e72d05071510335974507e@mail.gmail.com> X-Enigmail-Version: 0.90.2.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 8a6e2351-47c8-4477-835d-e22cd2a7f642 X-Archives-Hash: 37fe0a3d4281dae436d2a63e1a9e916a Sebastian Rodriguez wrote: > Well, I am tryng the isntall, but what you said is wrong: > > "USE_FW Set to yes to have a firewall script run at startup. See FW_TYPE > option. Note that you should overlay files in the etc/shorewall or > etc/firehol directory to configure non-default options." > So ok, I say no, but in FW_TYPE I cant chosse "no", so shorewall is > going to run by default with defaul values, Thing I don't want > So someone has an idea? Believe me. I wrote the damn thing. USE_FW decides if you run a firewall script at startup. FW_TYPE decides which script you run (if USE_FW=yes). If you still don't believe me, look at the code : if [ "${USE_FW}" == "yes" ]; then ln -snf "/etc/init.d/iptables" "/etc/runlevels/boot/iptables" if [ "${FW_TYPE}" == "firehol" ]; then ln -snf "/etc/init.d/firehol" "/etc/runlevels/default/firehol" else ln -snf "/etc/init.d/shorewall" "/etc/runlevels/default/shorewall" fi DONTDEPSCAN=0 fi With USE_FW=no, you won't have iptables, you won't have shorewall, and you won't have firehol. Whatever you put in FW_TYPE. -- Thierry Carrez (Koon) -- gentoo-embedded@gentoo.org mailing list