LinuxQuestions.org
Old 05-10-2009, 02:26 AM   #1
sonypeter
LQ Newbie
 
Registered: May 2009
Posts: 13

Rep: Reputation: 0
need help with /etc/rc.local


hi guys, i am using fedora 10. i want to block a few websites from opening for parental control. i tried editing rc.local.

this is the output for gedit /etc/rc.local:

#!/bin/sh

# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

iptables -I INPUT -s www.orkut.com -d 0/0 -j DROP

touch /var/lock/subsys/local

iptables -I INPUT -s www.orkut.com -d 0/0 -j DROP
exit 0

for some reason, this command is not initialising while booting. right now i am manually entering it on terminal after logging in and it is working too.

can someone help me to put this to work while booting? please help me with rc.local.


thanks in advance.
 
Old 05-10-2009, 07:06 AM   #2
kpraveen455
Member
 
Registered: Feb 2009
Location: Hyderabad
Distribution: fedora
Posts: 33

Rep: Reputation: 17

Hi Sony,

This works fine on my fedora system...

Actually "rc.local" will be executed on bootup after all init scripts are completed. However, try checking /sbin/iptables -L (which will list all IP addresses blocked) after a fresh reboot. The logs should ideally show that the given IP packet is dropped.

Logs of iptables (for orkut.com) on my Fc7 system:
"Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP 0 -- pq-in-f94.google.com anywhere
DROP 0 -- pq-in-f87.google.com anywhere
DROP 0 -- pq-in-f86.google.com anywhere
DROP 0 -- pq-in-f85.google.com anywhere
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps

Chain FORWARD (policy ACCEPT)
target prot opt source destination


Chain OUTPUT (policy ACCEPT)
target prot opt source destination"
 
Old 05-10-2009, 10:46 AM   #3
sonypeter
LQ Newbie
 
Registered: May 2009
Posts: 13

Original Poster
Rep: Reputation: 0
here is the output

hi praveen, thanks for your support.

i tried /sbin/iptables -L after a fresh reboot as you said. here is the output i got:

"Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target prot opt source destination "

so, i think nothing is blocked while initializing. rc.local is not executing.
i tried /sbin/iptables -L without rebooting after entering the iptables ... command manually on terminal and that gave me somewhat similar output like you said.

so is it that rc.local is failing to get executed?

sorry that i made this one a little bigger.
thanks for your advice.

regards.
 
Old 05-11-2009, 03:35 AM   #4
kpraveen455
Member
 
Registered: Feb 2009
Location: Hyderabad
Distribution: fedora
Posts: 33

Rep: Reputation: 17

Hi Sony,

Actually "/etc/rc.local" will be a soft link to "/etc/rc.d/rc.local". Please check if the file "/etc/rc.d/rc.local" has executable permissions or not. If it doesn't, give it executable permissions with:

chmod +x /etc/rc.d/rc.local

Also, even if the above procedure didn't work, then try to put your script into "/etc/rc3.d" or "/etc/rc5.d" directory (try googling this procedure) and try it.

Also please let me know if this works...
 
Old 05-11-2009, 05:20 AM   #5
sonypeter
LQ Newbie
 
Registered: May 2009
Posts: 13

Original Poster
Rep: Reputation: 0
thanks brother

hi praveen,
you know what is one of the best features of linux? it's of course the community support it provides.
well, I executed the chmod. I am in the middle of downloading a file so couldn't check if it's working.
I will definitely let you know how it went.

felt really happy to receive your replies.

by the way that chmod -x command was new information for me. also that rc.local can be both in executable and non executable forms. thanks for it.

have a great day.

update:

hi praveen,
sorry for delay. was giving my board exams.

i fixed the problem accidentally.
i enabled iptables at boot time with chkconfig iptables on
and saved with service iptables save

i simply rebooted and it's working fine.
thanks for support and advice.
regards.

Last edited by sonypeter; 05-14-2009 at 10:27 AM. Reason: update
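
The three checks this thread works through (is rc.local executable, does iptables -L show the DROP rule after a reboot, did the save persist it), as an added example that is not part of any poster's message. Function names and sample rulesets are constructed; on a Fedora system the inputs would be the output of /sbin/iptables -L -n and the contents of /etc/sysconfig/iptables, the file the iptables service saves to and restores from.

```shell
#!/bin/sh
# Added example: checks for a boot-time iptables DROP rule that goes missing.
# Sample data is constructed (192.0.2.0/24 is a documentation range).

# True when the file exists (symlinks followed) and has an execute bit.
rc_local_runnable() { [ -f "$1" ] && [ -x "$1" ]; }

# Reads `iptables -L -n` output on stdin; prints the DROP rule count for INPUT only.
count_input_drops() {
    awk '/^Chain /                { in_input = ($2 == "INPUT"); next }
         in_input && $1 == "DROP" { n++ }
         END                      { print n + 0 }'
}

# Reads an iptables-save style ruleset on stdin; prints each source INPUT drops.
saved_drop_sources() {
    awk '$1 == "-A" && $2 == "INPUT" {
             src = ""; drop = 0
             for (i = 3; i < NF; i++) {
                 if ($i == "-s") src = $(i + 1)
                 if ($i == "-j" && $(i + 1) == "DROP") drop = 1
             }
             if (drop && src != "") print src
         }'
}

# Constructed: state after a reboot where the rule was never loaded.
LIVE_AFTER_REBOOT='Chain INPUT (policy ACCEPT)
target     prot opt source        destination
ACCEPT     tcp  --  0.0.0.0/0     0.0.0.0/0    state NEW tcp dpt:22
REJECT     all  --  0.0.0.0/0     0.0.0.0/0    reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source        destination
DROP       all  --  192.0.2.99    0.0.0.0/0'

# Constructed: state after typing the rule by hand (hostname became two addresses).
LIVE_AFTER_MANUAL='Chain INPUT (policy ACCEPT)
target     prot opt source        destination
DROP       all  --  192.0.2.10    0.0.0.0/0
DROP       all  --  192.0.2.11    0.0.0.0/0'

# Constructed: what a saved ruleset containing those rules looks like.
SAVED_RULES='*filter
:INPUT ACCEPT [0:0]
-A INPUT -s 192.0.2.10/32 -j DROP
-A INPUT -s 192.0.2.11/32 -j DROP
COMMIT'

echo "INPUT drops after reboot: $(printf '%s\n' "$LIVE_AFTER_REBOOT" | count_input_drops)"
echo "INPUT drops after manual insert: $(printf '%s\n' "$LIVE_AFTER_MANUAL" | count_input_drops)"
echo "persisted sources: $(printf '%s\n' "$SAVED_RULES" | saved_drop_sources | tr '\n' ' ')"
```

A hostname given to -s is resolved to addresses when the rule is inserted, so the saved ruleset holds whatever the name resolved to at that moment; if the site's addresses change, the persisted block no longer matches.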
 
  

