LinuxQuestions.org
Old 02-15-2004, 05:48 AM   #1
rid00z
LQ Newbie
 
Registered: Sep 2003
Posts: 10

Rep: Reputation: 0
How do I use rc.*


I have a script for a Linux router, it's called rc.firewall, I need to put it in my startup script.

I'm using rh8.

Thank you
 
Old 02-15-2004, 06:12 AM   #2
rid00z
LQ Newbie
 
Registered: Sep 2003
Posts: 10

Original Poster
Rep: Reputation: 0
I can't even run the script. I named it rc.firewall; when I try to run rc.firewall, it says command not found...

This is what it looks like...

****
# setting up modules we need to support NAT and add protocols with unordinary behavior
modprobe iptable_nat
modprobe ip_conntrack

#make sure packet forwarding enabled by kernel
echo 1 > /proc/sys/net/ipv4/ip_forward

#flushing existing tables
iptables --flush


#enable connection tracking
iptables -I FORWARD -m state --state INVALID -j DROP
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

#allowing ssh to this machine
iptables -A INPUT -p tcp -i eth1 --dport ssh -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport ssh -j ACCEPT
iptables -t nat -A PREROUTING -i eth1 -p tcp --destination-port ssh -j DNAT --to 211.30.39.227

#enable loopback
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A OUTPUT -o lo -p all -j ACCEPT

# accept established connections
iptables -A INPUT -i eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT

#defend against port scans and DDOS attacks
#dealing with packets w/o syn flags when they are new
iptables -A FORWARD -i eth1 -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "new no-SYN: "
iptables -A FORWARD -i eth1 -p tcp ! --syn -m state --state NEW -j DROP
iptables -A FORWARD -i eth1 -p tcp --tcp-flags ACK ACK -m state --state NEW -j LOG --log-prefix "New ACK: "

#enforcing TCP standards
iptables -A INPUT -p tcp --tcp-option \! 2 -j LOG --log-tcp-options --log-prefix "TCP standards not met: "
iptables -A INPUT -p tcp --tcp-option \! 2 -j REJECT --reject-with tcp-reset


#allowing all outbound traffic
iptables -A FORWARD --in-interface eth0 --out-interface eth1 -j ACCEPT

#rewrite all connections coming from private network to use eth1 address and rewrite response
#appropriately

iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source 211.30.39.227

iptables -P INPUT DROP
****
 
Old 02-15-2004, 06:15 AM   #3
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2387
Take a look here:

http://www.redhat.com/docs/manuals/l...ual/ref-guide/

Hope this gets you going again.

Last edited by druuna; 02-15-2004 at 06:24 AM.
 
Old 02-15-2004, 06:18 AM   #4
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2387
What errors do you see when you try to run the script?
Is the script executable (for the user trying to execute it)?

A bit more info is needed to help you.
 
Old 02-15-2004, 06:36 AM   #5
rid00z
LQ Newbie
 
Registered: Sep 2003
Posts: 10

Original Poster
Rep: Reputation: 0
No, it is not executable. I just copied the script text and saved it (it is the same script as I posted before). I'm not sure how to run scripts. The script is just a bunch of commands in a file named rc.firewall.

How can I run it normally? How can I add it to my startup?
 
Old 02-15-2004, 06:54 AM   #6
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2387
Take a look at the URL I gave you; this explains all there is to know about runlevels and how to automatically start programs when you enter a certain runlevel. I.e.: you boot and end up with a graphical environment [gnome, kde, xfce etc.], this is called rl5 (some distros call it rl4). If you boot and end up with a command prompt (non-GUI), you end up in rl3.

About executing scripts:

To make a script executable do the following:

chmod 750 <filename>

Take a look at man chmod for details.

The above command gives read/write/execute rights to the owner of the file (the first rwx), read/execute rights to the group the file belongs to (second set of three: r-x) and the rest (world) has no rights (third three: ---).

If a file is not to be found in the $PATH setting, you need to give the (full) path, or cd to that path and execute it:

/some/strange/dir/my_little_program
or
cd /some/strange/dir/
./my_little_program


Hope this helps.

Last edited by druuna; 02-15-2004 at 06:55 AM.
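
An added example, not part of druuna's post or the thread: the chmod 750 and $PATH points above turned into a check you can run on a script before wiring it into startup, since a boot-time firewall script runs as root and should not be writable by anyone else. The function name check_rc_script and the stand-in rc.firewall file are hypothetical and constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the thread): vet a script before letting it run at boot.
# check_rc_script FILE [UID] returns 0 only if FILE is owned by UID (default 0,
# i.e. root), executable by its owner, and not writable by group or world.
check_rc_script() {
    f=$1; want_uid=${2:-0}; rc=0
    [ -f "$f" ] || { echo "missing: $f"; return 2; }
    # ls -ldn prints e.g. "-rwxr-x--- 1 0 0 ..." for a root-owned 750 file
    mode=$(ls -ldn "$f" | cut -c1-10)
    uid=$(ls -ldn "$f" | awk '{print $3}')
    [ "$uid" = "$want_uid" ] || { echo "owner uid $uid, expected $want_uid"; rc=1; }
    case $mode in
        ???[xs]*) ;;                                   # owner execute bit is set
        *) echo "owner cannot execute ($mode): chmod 750 $f"; rc=1 ;;
    esac
    case $mode in ?????w*) echo "group-writable ($mode)"; rc=1 ;; esac
    case $mode in ????????w*) echo "world-writable ($mode)"; rc=1 ;; esac
    # A bare name is only looked up in $PATH, hence "command not found"
    command -v "$(basename "$f")" >/dev/null 2>&1 ||
        echo "note: not in \$PATH, run it by path: $f"
    return $rc
}

# Constructed sample: a stand-in rc.firewall in a temporary directory
demo=$(mktemp -d)
printf '#!/bin/sh\necho "firewall rules would load here"\n' > "$demo/rc.firewall"
chmod 640 "$demo/rc.firewall"          # as saved from an editor: no execute bit
check_rc_script "$demo/rc.firewall" "$(id -u)" || echo "=> not ready"
chmod 750 "$demo/rc.firewall"          # rwx owner, r-x group, --- world
check_rc_script "$demo/rc.firewall" "$(id -u)" && "$demo/rc.firewall" ||
    echo "=> could not run"
rm -rf "$demo"
```

For a real boot script, call it without the second argument so that ownership by root (uid 0) is required.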
 
Old 02-15-2004, 07:26 AM   #7
dominant
Member
 
Registered: Jan 2004
Posts: 409

Rep: Reputation: 30
If we set the runlevel to 3 in /etc/inittab then Linux acts as if the GUI had never been installed, am I right?
 
  


All times are GMT -5.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration