Stephen Gran on Fri, 20 Dec 2002 21:10:34 -0500
On Fri, Dec 20, 2002 at 04:33:28PM -0500, epike@isinet.com said:
> I've been trying to understand iptables and firewalling rules and seen
> a lot of examples on the web for setting it up. Right now my main
> issue is
>
> why do they write iptables rules as a shellscript and putting in
> /etc/rc.d instead of defining it inline by iptables and executing
> "iptables save" at the end? Which one is the preferred or the more
> correct method?

There are several ways to go about it. I run several 'always on' boxes that serve various things, and they have shell scripts in /etc/init.d (Debian). The boxes that go up and down sporadically, or have sporadic internet connections, have shell scripts in /etc/network/if-pre-up.d and /etc/network/if-pre-up.d/.

As for why a shell script, I guess it's just easier for me to write rules that way. I think the save active just writes a shell script that's invoked again later, so you could do that as well.

--
Stephen Gran
steve@lobefin.net
http://www.lobefin.net/~steve

The human race is a race of cowards; and I am not only marching in that procession but carrying a banner. -- Mark Twain
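An added example, not part of the original message: a sketch of the kind of hook script the reply describes placing in /etc/network/if-pre-up.d on Debian, so the filter is loaded before the interface comes up. The rule set (default-drop INPUT, inbound SSH allowed) and the function names are constructed for illustration; it relies on ifupdown exporting `IFACE` to hook scripts and loads the rules in one step through `iptables-restore`.

```shell
#!/bin/sh
# Illustrative hook for /etc/network/if-pre-up.d/ (Debian ifupdown).
# The policy below is a constructed sample, not rules from the thread.

# Reject interface names containing anything that could alter the rules
# once interpolated into the ruleset text.
valid_iface() {
    case $1 in
        ''|*[!A-Za-z0-9._:-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Emit a ruleset in iptables-restore format for one external interface.
build_rules() {
    ext_if=$1
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $ext_if -p tcp --dport 22 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Load the whole table in one iptables-restore call (needs root).
apply_rules() {
    valid_iface "$1" || { echo "bad interface name: $1" >&2; return 1; }
    build_rules "$1" | iptables-restore
}

# ifupdown also runs hooks for the loopback device and for "--all";
# do nothing in those cases or when run outside ifupdown.
case ${IFACE:-} in
    ''|lo|--all) : ;;
    *) apply_rules "$IFACE" ;;
esac
```

Because the script does nothing unless `IFACE` names a real interface, `build_rules eth0` can be run by hand as an unprivileged user to inspect the generated rules before installing the hook.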