On Tue, Aug 30, 2005 at 09:26:08PM -0400, Michael Crute wrote:
> >
> You should use rc-update to run the startup script. Local is for commands
> that you want run, not really a great way to run other startup scripts. The
> command you want is probably `rc-update add rc.firewall default`.
> -Mike
|
Last night I started to add rc.firewall to the default runlevel, but I
noticed that there was already an iptables script in /etc/init.d.
Reading through it, and its companion in /etc/conf.d, it became clear
that this seemed like the more elegant solution. So I did the following:
|
/root > /etc/rc.firewall # to start the guarddog firewall
/root > /etc/init.d/iptables save # to save the current state
/root > rc-update add iptables default # to start automatically
/root > reboot
|
At first this didn't work because the rc.firewall script loaded necessary
kernel modules for ip-conntrack, etc... I decided to build that
capability into the kernel instead of using modules.
|
All is working right now, and I don't have to worry about any changes
made to guarddog, as the iptables script saves state before shutting
down.
|
Thanks for the pointers,
John - who realizes that he needs a better understanding of initscripts
|
--
Contrary to the lie machine, the world is not safer.