Re: [gentoo-user] Re: launching iptables

public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed

From: Iain Buchanan <iaindb@netspace.net.au>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user]  Re: launching iptables
Date: Thu, 03 Aug 2006 07:59:09 +0930	[thread overview]
Message-ID: <1154557749.15502.5.camel@orpheus> (raw)
In-Reply-To: <loom.20060802T230652-790@post.gmane.org>

On Wed, 2006-08-02 at 21:13 +0000, James wrote:
> Alexander Kirillov <nevis2us <at> infoline.su> writes:
> 
> 
> > > Is their a way to get 'rc-update add <my_firewall>  default' to launch
> > > my_firewall without putting it in the /etc/init.d/ dir and using the 
> > > runscipt template for my script?
> 
> > > thoughts, suggestions and examples are most welcome.
> > Keep your script in /etc and run it once.
> 
> OK, but how will it get discovered again upon reboot?

when you use iptables-save, your script gets saved in the IPTABLES_SAVE
location in /etc/conf.d/iptables

> /etc/init.d/iptables will overwrite what my_firewall.sh does.
> as it is currently doing....
> 
> 
> > If you have SAVE_ON_STOP="yes" in /etc/conf.d/iptables
> > your rules will be restored whenever you restart iptables.
> 
> Um, maybe I missing something but searching for "SAVE_ON"
> only reveals this line in the /etc/init.d/iptables script:

you're looking in init.d, look in conf.d - this is where you customise
behaviour for init scripts...

I use webmin to create the initial iptables rules, then edit the file by
hand that I specified in /etc/conf.d/iptables, if I have to.  webmin is
pretty good, so usually I don't have to edit anything by hand...

HTH,
-- 
Iain Buchanan <iaindb at netspace dot net dot au>

"By golly, I'm beginning to think Linux really *is* the best thing since
sliced bread."
(By Vance Petree, Virginia Power)

-- 
gentoo-user@gentoo.org mailing list

next prev parent reply	other threads:[~2006-08-02 22:33 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-08-02 20:41 [gentoo-user] launching iptables James
2006-08-02 20:59 ` Alexander Kirillov
2006-08-02 21:13   ` [gentoo-user] " James
2006-08-02 22:29     ` Iain Buchanan [this message]
2006-08-03  1:08       ` Daniel Huckstep
2006-08-02 21:16 ` [gentoo-user] " Donnie Berkholz
2006-08-02 21:20 ` Jerry McBride
2006-08-02 21:42 ` Richard Fish
2006-08-02 21:53 ` dg
2006-08-03  1:52   ` [gentoo-user] " James
2006-08-03  2:16     ` Dale

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1154557749.15502.5.camel@orpheus \
    --to=iaindb@netspace.net.au \
    --cc=gentoo-user@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox