[Iptables] Debian sarge, can't run script

wesleywest · 01-25-2005, 02:05 PM

After a while using redhat enterprise editon 3 i took a step to debian and i'm loving it from the first moments on.
But i ran into a problem!
in redhad i have a directory /etc/rc.d/init.d/ where i start my firewall with ./iptables start

But whit debian i can't seem to find any scritp of starting or stoping my firewall iptables!
I know it is running cause i can get a list with iptables -L

So what do i do, and where do i store my script so it wil run when i start my iptables or stop it.

ohw yeah i forgot to mention: i run debian sarge!

thnx indvande

leonscape · 01-25-2005, 02:17 PM

Scripts are in /etc/init.d

wesleywest · 01-25-2005, 02:23 PM

Quote:

Originally posted by leonscape
Scripts are in /etc/init.d

yeah i did understand that part, buw how do i start en stop my firewall like in redhat and where is the file that is pointing @ /etc/init.d ?

leonscape · 01-25-2005, 02:28 PM

The runlevel directories are /etc/rc0.d too /etc/rc6.d just check your default runlevel in /etc/inittab and delete or add the symlink to the appropriate directory.

wesleywest · 01-25-2005, 02:36 PM

i just read something from someone else his post, but i don't quite understand it.
could somone clear this a little for me

Code:

Put it in the /etc/init.d/ directory make it executable and then:

    code:

update-rc.d rc.firewall start 20 2 3 4 5 . stop 20 0 1 6 .



Will make the proper links in the /etc/rc?.d directories to start and stop properly on boot or shutdown. Note the . in the line they are important.

especially this line :

update-rc.d rc.firewall start 20 2 3 4 5 . stop 20 0 1 6 .

leonscape · 01-25-2005, 02:43 PM

update-rc.d can be used to set the symlinks for you in the runlevel directories. rc.firewall is his script.

start tells you where you want this script started, followed by the order number ( so It can be run in the correct order amongst other scripts ) followed by the run levels in which the script is to be started.
stop does exactly the same except this time the order and runlevels in which the script is to be stopped. The . is used to mark the end of the run levels.

This command would create these symlinks:

/etc/rc0.d/K20rc.firewall -> ../init.d/rc.firewall
/etc/rc1.d/K20rc.firewall -> ../init.d/rc.firewall
/etc/rc2.d/S20rc.firewall -> ../init.d/rc.firewall
/etc/rc3.d/S20rc.firewall -> ../init.d/rc.firewall
/etc/rc4.d/S20rc.firewall -> ../init.d/rc.firewall
/etc/rc5.d/S20rc.firewall -> ../init.d/rc.firewall
/etc/rc6.d/K20rc.firewall -> ../init.d/rc.firewall

wesleywest · 01-25-2005, 02:55 PM

so the numbers are runlevel he uses to start en stop the firewall ok ok

but i have just a script like

-p input ACCEPT
enz
enz

and som open port

but no if statements like start en stop in my script ! do i need those ?

leonscape · 01-25-2005, 03:03 PM

At least a way of skipping them for the killing would be useful

Code:

if [[ $1 == start ]]; then
    -p input ACCEPT
    ...
fi