how to start iptables when system upping?

Danny Rappleyea danny.rappleyea@etrials.com
Mon, 23 Jul 2001 17:44:29 -0400


I did the same thing with /etc/rc.d/rc.local to start my script. Because
this loads late in the boot process, I made a safe config to load when
iptables starts. It's a quickie ruleset to allow pinging the box, ssh in,
and dropping everything else - which I saved using "service iptables save".

Danny

-----Original Message-----
From: Matt Hellman [mailto:mhellman@raccoon.com]
Sent: Friday, July 20, 2001 10:40 PM
To: linux_netfilter
Cc: netfilter
Subject: Re: how to start iptables when system upping?


All the newer distros seem to have their own way of loading iptables
scripts.  I haven't investigated them much since it's so easy to load
anyway.  Personally, I just edit /etc/rc.d/rc.local and load my script
from there.  Just add a line like this:

# load firewall script
. /path/to/firewall/script

Using the distro-supplied scripts, you will probably be able to load the
firewall earlier in the boot process (rc.local is loaded after all the
other runlevel stuff).  If you wanted to, you could even create your own
init.d script to start the firewall.  Just copy one of the more basic
scripts already in /etc/rc.d/init.d and edit to suit your needs.
And... to answer your question regarding /etc/rc.d/init.d... the system
does not load those on startup.  Those are there so they can be linked
to from the directories that Linux actually does use during bootup.
(man chkconfig should tell you what you need to know).

linux_netfilter wrote:
> 
> Hi, all:
>    What I want to do is start iptables and apply my
> own ruleset. How do I do that? I am not familiar with Linux. Does
> Linux run every shell script under /etc/rc.d/init.d?
>    There are both iptables and ipchains under /etc/rc.d/init.d.
> And ipchains and firewall, but no iptables, are under /etc/sysconfig.
> 
> BTW: I have recompiled the kernel, removed the ipchains modules
> and added the iptables (and related) modules. Now I can run iptables with
> my own filter rules after the system is up. But how can I make iptables
> run with my rules while the system is booting?
> 
>             linux_netfilter
>             linux_netfilter@sina.com
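
An added example, not part of the original thread: the approach the messages above describe (a small safe ruleset loaded from an init.d-style script linked in via chkconfig, rather than late from rc.local), written as a shell script. The chkconfig priorities 08/92, the loopback and ESTABLISHED,RELATED rules, and the function names safe_ruleset and is_fail_closed are assumptions, not taken from the posts.

```shell
#!/bin/sh
# chkconfig: 2345 08 92
# description: load a fail-closed iptables ruleset before the network comes up
# (priorities 08/92 are an assumption: start ahead of the network script)

# Print the safe ruleset in iptables-restore format: ping in, ssh in,
# drop everything else. The loopback and ESTABLISHED,RELATED rules are
# additions that the thread does not mention.
safe_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Read a ruleset on stdin; succeed only if it is complete and default-deny,
# so a truncated or permissive ruleset is never loaded at boot.
is_fail_closed() {
    awk '
        /^:INPUT DROP /   { input = 1 }
        /^:FORWARD DROP / { forward = 1 }
        /^COMMIT$/        { commit = 1 }
        END { exit !(input && forward && commit) }
    '
}

start() {
    safe_ruleset | is_fail_closed || { echo "ruleset not fail-closed" >&2; return 1; }
    # iptables-restore replaces the filter table in a single commit.
    safe_ruleset | iptables-restore
}

# "Stopping" reloads the safe ruleset, so the box is never left unfiltered.
stop() { start; }

case "${1:-}" in
    start|restart) start ;;
    stop)          stop ;;
    "")            ;;   # no argument: only define the functions
    *)             echo "Usage: $0 {start|stop|restart}" >&2; exit 1 ;;
esac
```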