[WBEL-users] IPtables...Script startup
Kirby Bohling
kbohling@birddog.com
Wed, 23 Jun 2004 15:31:52 -0500
On Wed, Jun 23, 2004 at 03:55:58PM -0400, dgr@snap.cu wrote:
> Hello list!!!
>
> I have a server whit basic system of WBEL. I´m installing on this server
> Iptables, BIND and Sendmail from rpm of the distribution CD. All is Ok and
> the services work very well. My problem it´s in the setting of iptables
> services on the startup on server. I created
> /etc/sysconfig/iptables-config script whith permission of executes, the
> script /etc/init.d/iptables read this file
> (/etc/sysconfig/iptables-config) but my server do not NAT on my network. I
> run the iptables -L -t nat commands and it show me all the rules running,
> then i need to run iptables-config script again for mounting the rules.
> Then i need this process automatically. I thought do it in the
> /etc/inittab file throught a new line, but i remenber the iptables-save
> command and probe do iptables-save > /etc/sysconfig/iptables, move the
> iptables-config to iptables.save, restart the server and startup, but not
> work. How to can the run the iptables-config script in the startup
> system??
David,
I didn't quite follow all that, so I'll describe how I'd do it:
Get IP tables set just the way I like it (probably via a
script I save in root's home directory).
Delete the /etc/sysconfig/iptables-config script (I never knew it
existed until your e-mail).
Then run:
service iptables save
chkconfig iptables on
Now, reboot. The last command is my guess as to what you are
missing. chkconfig is a handy tool that you can use to have
services be automatically started and stopped.
Your firewall rules should now be configured just like you want.
The file /etc/sysconfig/iptables-config appears like it needs to be
a shell script. Where as /etc/sysconfig/iptables is the internal
format you get out of using iptables-save/iptables-restore.
>
> Tahnk for all,
> David
>
>
> _______________________________________________
> Whitebox-users mailing list
> Whitebox-users@beau.org
> http://beau.org/mailman/listinfo/whitebox-users
>