LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Ubuntu
Reload this Page How to write an IPtables script
User Name
Password
Ubuntu This forum is for the discussion of Ubuntu Linux.

Notices


Reply
  Search this Thread
Old 02-05-2007, 04:21 PM   #1
nick1
Member
 
Registered: Oct 2004
Posts: 47

Rep: Reputation: 15
How to write an IPtables script

Greetings,

I'm running Ubuntu 6.06LTS Server (command-line based, no GUI) and wish to configure IPtables. I have my script written and saved in a text file. At this point, I'm confused about several things. I've searched google and unfortunately have not found a clear explanation to my questions.

1.) How do I automatically execute the script at bootup?
--Do I need to change the file extension of the text file?
--Do I have to add "#!/bin/bash" to the top of the script?
--Where do I place the script, in the /etc/init.d directory?
--What permissions does the script need to run at bootup?

2.) Some IPtables scripts I've come across include the following:

modprobe ip_tables
modprobe ip_conntrack_ftp

My Ubuntu server is not providing FTP, just HTTP and SSH, so do I need to include these lines of code in my IPtables script?

Thank you for your time,

*Nick*
 
Old 02-05-2007, 05:46 PM   #2
Brian1
LQ Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 65
1.) How do I automatically execute the script at bootup?
Not sure where it can go on Ubuntu distros.

--Do I need to change the file extension of the text file?
No file extension needed. Adding .sh sort of identies it easier when ls listing files. It does need to be set with the execution permissions.
chmod -x name_of_script

--Do I have to add "#!/bin/bash" to the top of the script?
Yes it will need to be there for a bash script.

--Where do I place the script, in the /etc/init.d directory?
Look at other scripts in this section and find one that is quite simply. Edit it to use your script. Then you need to links of the script in /etc/rc3.d, rc4.d, rc5.d. A soft link to the one in /etc/init.d but rename the beginning to S99name_of_script. This means Start and will be the last thing to start. K is for Kill. Read up on Runlevels to see what the differences are.

--What permissions does the script need to run at bootup?
If listed like above then nothing needed. Best root owns it.

modprobe ip_tables
modprobe ip_conntrack_ftp
Not needed usually. Thay load once the iptable command is called ususally. But it does not hurt to add to the script.

My Ubuntu server is not providing FTP, just HTTP and SSH, so do I need to include these lines of code in my IPtables script?
If not needing any open ports then the a line that says everything closed should do the trick.

Brian
Last edited by Brian1; 02-05-2007 at 05:48 PM.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables (with masq) troubleshooting, very simple script attached script and logs. xinu Linux - Networking 13 11-01-2007 04:19 AM
script to write to a cd nasirdaudahmad Linux - Hardware 3 01-23-2007 11:45 PM
How should I write the iptables rule for Samba? Xstar Linux - Networking 2 02-11-2006 05:24 AM
How to write a Script Blake Linux - Software 6 07-18-2004 11:41 AM
My iptables script is /etc/sysconfig/iptables. How do i make this baby execute on boo ForumKid Linux - General 3 01-22-2002 07:36 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Ubuntu

All times are GMT -5. The time now is 06:32 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration