LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-18-2006, 03:36 PM   #1
EAD
Member
 
Registered: Mar 2006
Distribution: ARCH linux
Posts: 137

Rep: Reputation: 15
Question iptables


Hii, I want to use iptables , I am using ARCH linux, How can I make it load and make config at boot please?
 
Old 03-18-2006, 04:02 PM   #2
tuxrules
Senior Member
 
Registered: Jun 2004
Location: Chicago
Distribution: Slackware64 -current
Posts: 1,144

Rep: Reputation: 56
Quote:
Originally Posted by EAD
Hii, I want to use iptables , I am using ARCH linux, How can I make it load and make config at boot please?
I suggest a book to do that or may be a short/quick tutorial available on the web. Search google for it. The book would be Linux Firewalls (Third Edition) ISBN: 0672327716. You would have to put those rules in a bash script and then run the script at boot time (probably by calling it from rc.local). Try to search arch linux forums on arch linux site.

Tux,
 
Old 03-18-2006, 04:58 PM   #3
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,568

Rep: Reputation: 164Reputation: 164
The system starts a number of different configuration tools (with configuration data) at boot. Firewall uses something like /etc/init.d/firewall. Sometimes, if you have quite an advanced script, it's not called 'firewall' and the script name is used instead.

To make a script run at boot:
1. Find your runlevel. That's simple. Just run 'runlevel'. You'll get a number. That's your runlevel.
2. Copy your script to /etc/rcX.d where X is your runlevel. The scripts have names like S10firewall. S means to start it, 10 is a number that shows the order the script are run. Files like S10firewall are usually symlinks (symbolic links) to files in /etc/init.d. Copy your script to /etc/rcX.d directly or to /etc/init.d and make a symlink.
 
Old 03-18-2006, 05:27 PM   #4
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908Reputation: 908
iptables is a kernel module that is probably linked to your kernel, and is also a userland program that communicates with the aforementioned kernel module. By itself, the kernel module does nothing. To configure it to do it's work, you send it messages, using the userland iptables command. This is done repetitively, until the desired state is reached. Typically, the series of iptables commands is encapsulated in a script, and typically this script is run as some part of the boot sequence. The mechanics of setting up the boot-time scripts is a separate matter, and is well documented 'out there'.

As well, there are packages out there that provide a gui for hand-holding and guidance in building up the script(s). These are sometimes referred to (incorrectly) as firewalls. I, personally, prefer to use a ready-made script called HomeLANSecurity, which a generous person made publicly avalailable. This is a package which allows a linux host to perform as a router/firewall for a local LAN connected to the interenet. I found it easy to understand, and also easy to add a few features for my specific application. There are numerous other packages that are similar in nature. Note that there is no 'best overall' iptables setup, because each situation has different requirements and emphases.

Setting up an iptables based firewall requires a combination of skills in iptables itself, shell scripting, and boot-time configuration. Much of the latter is dependent on your distribution, and other special requirements.

Hope this points you in the right direction.

--- rod.

Last edited by theNbomr; 03-18-2006 at 05:29 PM.
 
Old 03-19-2006, 02:39 AM   #5
EAD
Member
 
Registered: Mar 2006
Distribution: ARCH linux
Posts: 137

Original Poster
Rep: Reputation: 15
Yep tanx guys!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
An error occured getting IPtables status from the command /etc/rc.d/init.d/iptables s CrazyMAzeY Linux - Newbie 10 08-12-2010 06:25 AM
iptables v1.2.9: Unknown arg `/sbin/iptables' Try `iptables -h' or 'iptables --help' Niceman2005 Linux - Security 4 12-29-2005 09:20 PM
IPtables Log Analyzer from http://www.gege.org/iptables/ brainlego Linux - Software 0 08-11-2003 07:08 AM
iptables book wich one can you pll recomment to be an iptables expert? linuxownt Linux - General 2 06-26-2003 05:38 PM
My iptables script is /etc/sysconfig/iptables. How do i make this baby execute on boo ForumKid Linux - General 3 01-22-2002 08:36 AM


All times are GMT -5. The time now is 03:17 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration