Operating Systems > Linux and UNIX

simple ipchain question

(1/3) > >>

Master of Reality:
how do i save/restor my ipchains?

voidmain:
I create a script with all my IP Chains commands called /etc/rc.d/rc.firewall (make it executable), and I added this line to the end of the /etc/rc.d/rc.local: /etc/rc.d/init.d/rc.firewall. This way the firewall will be configured at bootup.

A cut down version of my rc.firewall is included at the bottom of this message.  Notice that I flush/delete all chains in the first two lines of the script. That way if you make changes to the script all you have to do is execute the script for your new firewall rules to take effect. This is the "old" method of running your firewall script.  There are now services to do this, however, I prefer to continue using my old method. Works like a champ, why change?

--- Code: ---
--- End code ---

[ May 16, 2002: Message edited by: VoidMain ]

Master of Reality:
i may use that (at least as a template). With either quite a bit of changes because you are using the 2.2 kernel which uses different modules than the 2.4. But i could switch to slackware which comes with both kernels, or use my (store-bought) redhat 6.2 that i have. I really do like slackware though, i have been thinking of running my server on it.

Master of Reality:
My Red Hat 7.3 loads some weird ipchains when it starts... where d'ya think i would find the script for these chains, so that i could stop it?

voidmain:
By default in RH73 if you select firewall settings at install time it should put the ipchains rules in /etc/sysconfig/ipchains.  And they are executed by the /etc/rc.d/init.d/ipchains script depending on whether you have the "ipchains" service set to execute in whatever run level you happen to be in (probably 5).  If you do a "/sbin/chkconfig --list ipchians" it will show you which run levels these rules apply to. If you want to turn it off you can either modify the /etc/sysconfig/ipchains file to your taste, or turn the service off:

# /sbin/service ipchains stop
# /sbin/chkconfig --level 2345 ipchains off

[ June 28, 2002: Message edited by: VoidMain ]

Navigation

[0] Message Index

[#] Next page

Go to full version