To: gentoo-user@lists.gentoo.org
From: james
Subject: [gentoo-user] iptables wiki
Date: Wed, 5 Jul 2006 03:07:31 +0000 (UTC)

Hello,

I'm attempting to follow this wiki to build a test firewall running iptables:

http://gentoo-wiki.com/HOWTO_Iptables_for_newbies#QuickStart

Kernel is 'hardened' with netfilter et al activated. It looks reasonable and is supposed to be up to date.

My nics are set up in /etc/conf.d/net:

    iface_eth0="192.168.2.20 broadcast 192.168.2.255 netmask 255.255.255.0"
    iface_eth1="192.168.3.11 broadcast 192.168.3.255 netmask 255.255.255.0"
    iface_eth2=" broadcast netmask 255.255.255.252"
    routes_eth2=( "default gw " )

All work fine.

Port forwarding is enabled:

Rulesets get saved to /var/lib/iptables/rules-save as specified in /etc/conf.d/iptables, and /etc/init.d/iptables is the script that launches iptables, plus

    rc-update add iptables default

I think all of this is correct (correct me if I'm wrong).

When I go to /etc/init to write my rules into firewall.sh as specified in the aforementioned wiki, I automatically get this shoved into the script:

    #!/sbin/runscript
    # Copyright 1999-2006 Gentoo Foundation
    # Distributed under the terms of the GNU General Public License v2
    # $Header: $

    depend() {

    }

    start() {

    }

    stop() {

    }

    restart() {

    }

Curiously, none of the examples talk about this. Is this the correct place to put my script (/etc/init.d/), which is somewhat similar to the one suggested in the wiki?

None of the examples I found googling discuss the details of where to put the script, how to launch it and other such details. Any suggestions are welcome.

I have found lots of example scripts similar to my 3 nic net/lan/dmz setup though.

Any suggestions are very welcome.

James