gabriel rosenkoetter on Thu, 22 Nov 2001 19:40:13 +0100


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] IPMASQ (Debian Way)


On Thu, Nov 22, 2001 at 01:23:15PM -0500, gabriel rosenkoetter wrote:
> # cat > /etc/rc2.d/S99ipmasq
> #!/bin/sh
> if [ -x /path/to/ipmasq ]
> 	/path/to/ipmasq
> fi
> # chmod 744 /etc/rc2.d/S99ipmasq

Oh, actually, Debian uses /etc/init.d properly (that is to say, like
SysV) so:

# cat > /etc/init.d/ipmasq
#!/bin/sh
if [ -x /path/to/ipmasq ]
	/path/to/ipmasq
fi
# chmod 744 /etc/init.d/ipmasq
# ln [-s] ../init.d/ipmasq /etc/rc2.d/S99ipmasq

Make sure that starting this at run level 2 does it *after* IP
{Chains,Tables} has been initialized. If not, shove it at run level
3 (/etc/rc3/S...). Note that you'll need to fill in the path to
your ipmasq above and that the -s in the ln is a matter of taste.
(I prefer not to, but I'm fine with using find(1) to find out where
a given thing is started.)

Also, ipmasq is probably one of those things that the regular IP
<whatever> start scripts are supposed to do. Have a look at them.
They'll probably be at run level 2. Perhaps there's a configuration
variable there (or in some /etc/*.conf file) on which ipmasq is
conditionally started?

Note, about all of this, that I'm speaking from general knowledge of
daemons here. I don't like either firewalling software common on
Linux. I prefer Darren Reed's mature, robust IP Filter.

-- 
       ~ g r @ eclipsed.net

Attachment: pgprqh9vBNXf7.pgp
Description: PGP signature