From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.43)
	id 1Dt7DE-0006pQ-Ew
	for garchives@archives.gentoo.org; Thu, 14 Jul 2005 17:09:28 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j6EH8kwv015860;
	Thu, 14 Jul 2005 17:08:46 GMT
Received: from nproxy.gmail.com (nproxy.gmail.com [64.233.182.199])
	by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j6EH8jMQ029180
	for <gentoo-embedded@lists.gentoo.org>; Thu, 14 Jul 2005 17:08:46 GMT
Received: by nproxy.gmail.com with SMTP id c2so116771nfe
        for <gentoo-embedded@lists.gentoo.org>; Thu, 14 Jul 2005 10:08:53 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:references;
        b=o7HUEh9yeTHqf/hz8WTN78HGvgJVPfQrCjdYRkQW+16S+O/JKd0c7gzB4l2/gua337sPQ2y6TPQHfT1tf6cPPqLRBjTIjB8NdvbE0HMhCvqSJFtTBUW33YIGOkmuBaJ2sIJCuLK18zIEA8deI4Fj+4qyVlg9hrfvv13b1aRmnYg=
Received: by 10.48.144.1 with SMTP id r1mr81733nfd;
        Thu, 14 Jul 2005 10:08:53 -0700 (PDT)
Received: by 10.48.240.6 with HTTP; Thu, 14 Jul 2005 10:08:53 -0700 (PDT)
Message-ID: <8568e72d0507141008426be71f@mail.gmail.com>
Date: Thu, 14 Jul 2005 19:08:53 +0200
From: Sebastian Rodriguez <sniper.mdr@gmail.com>
To: gentoo-embedded@lists.gentoo.org
Subject: Re: [gentoo-embedded] Using iptables alone without shorewall/firehol
In-Reply-To: <42D69BA1.9070203@gentoo.org>
Precedence: bulk
List-Post: <mailto:gentoo-embedded@lists.gentoo.org>
List-Help: <mailto:gentoo-embedded+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-embedded+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-embedded+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-embedded.gentoo.org>
X-BeenThere: gentoo-embedded@gentoo.org
Reply-to: gentoo-embedded@lists.gentoo.org
Mime-Version: 1.0
Content-Type: multipart/alternative; 
	boundary="----=_Part_8822_33486637.1121360933075"
References: <8568e72d050714061741d809ab@mail.gmail.com>
	 <42D69BA1.9070203@gentoo.org>
X-Archives-Salt: 6a25d458-077f-4dcd-8fc5-f5e0d761e838
X-Archives-Hash: 578bf0ca2df9ec361060c5d528cd40eb

------=_Part_8822_33486637.1121360933075
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

yes it helps of course, the thing is: by default iptables doesnt start wit=
=20
gnap? Oo as shorewall adn firehol are based on iptables I tought it would=
=20
start at boot

On 7/14/05, Thierry Carrez <koon@gentoo.org> wrote:
>=20
> Sebastian Rodriguez wrote:
> >
> > Hello,
> > I am considering the option of using gnap, as my currently router / fw
> > is a gentoo box. The "problem" is that actually I don't use shorewall,
> > neither firehol. I just start my script at boot, and everything is
> > great. I just want to know if we can unable shorewall and firehol and
> > use iptables alone. If it is possible, how do we do it?
>=20
> If you have USE_FW=3Dno, GNAP won't start shorewall or firehol. You can
> add extra startup init scripts using START_SERVICES (for example
> START_SERVICES=3D"iptables").
>=20
> Hope this helps...
>=20
> --
> Koon
> --
> gentoo-embedded@gentoo.org mailing list
>=20
>=20


--=20
S=E9bastien Rodriguez

------=_Part_8822_33486637.1121360933075
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

yes it helps of course, the thing is: by default iptables doesnt start
wit gnap? Oo as shorewall adn firehol are based on iptables I tought it
would start at boot<br><br><div><span class=3D"gmail_quote">On 7/14/05, <b =
class=3D"gmail_sendername">Thierry Carrez</b> &lt;<a href=3D"mailto:koon@ge=
ntoo.org">koon@gentoo.org</a>&gt; wrote:</span><blockquote class=3D"gmail_q=
uote" style=3D"border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0=
pt 0.8ex; padding-left: 1ex;">
Sebastian Rodriguez wrote:<br>&gt;<br>&gt; Hello,<br>&gt; I am considering =
the option of using gnap, as my currently router / fw<br>&gt; is a gentoo b=
ox. The &quot;problem&quot; is that actually I don't use shorewall,<br>
&gt; neither firehol. I just start my script at boot, and everything is<br>=
&gt; great. I just want to know if we can unable shorewall and firehol and<=
br>&gt; use iptables alone. If it is possible, how do we do it?<br><br>
If you have USE_FW=3Dno, GNAP won't start shorewall or firehol. You can<br>=
add extra startup init scripts using START_SERVICES (for example<br>START_S=
ERVICES=3D&quot;iptables&quot;).<br><br>Hope this helps...<br><br>--<br>Koo=
n
<br>--<br><a href=3D"mailto:gentoo-embedded@gentoo.org">gentoo-embedded@gen=
too.org</a> mailing list<br><br></blockquote></div><br><br><br>-- <br>S=E9b=
astien Rodriguez

------=_Part_8822_33486637.1121360933075--
-- 
gentoo-embedded@gentoo.org mailing list