LinuxQuestions.org


step 03-21-2003 02:25 AM

autostart iptables script on system startup
 
How to autostart an iptables script on system startup? I tried putting the path of the script in /etc/rc.d/rc.local and found that it doesn't get executed on system startup.

Are there any other tools I can use for checking the vulnerability of my system?

Where is the location of the iptables log files? Are there any tools to analyze the log?

Any insights are very much appreciated.

Thanks..

born4linux 03-21-2003 04:09 AM

Put it in /etc/rc.local - this is executed at every bootup.

A lot of tools are available:

nmap (nmapfe - gui based)
snort

or google around for 'port scanners'.

You can find out some iptables status under /proc (yeah, it's somewhere there) but I normally include the logging feature in the iptables ruleset with something like this:

iptables -A INPUT -j LOG --log-prefix "INPUT_DROP: "
iptables -A OUTPUT -j LOG --log-prefix "OUTPUT_DROP: "

This will then be visible via the /var/log/messages file.

hth.
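
For the question about analysing the log, an added example (not code from any poster in this thread): a shell function that summarises packets logged with the `--log-prefix` values above by source address, protocol and destination port. The function names and the sample log lines are constructed for illustration; on a real system the input would be /var/log/messages.

```shell
#!/bin/sh
# Summarise iptables LOG entries by source address, protocol and destination port.
# PREFIX must match the --log-prefix string used in the ruleset.
PREFIX="INPUT_DROP: "

# Constructed sample lines in the kernel LOG-target format (documentation addresses).
sample_log() {
cat <<'EOF'
Mar 21 04:10:01 fw kernel: INPUT_DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 ID=4711 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 SYN URGP=0
Mar 21 04:10:04 fw kernel: INPUT_DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 ID=4712 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 SYN URGP=0
Mar 21 04:10:10 fw kernel: INPUT_DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 ID=4713 DF PROTO=TCP SPT=40113 DPT=23 WINDOW=5840 SYN URGP=0
Mar 21 04:11:30 fw kernel: INPUT_DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:03:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=78 TTL=110 ID=900 PROTO=UDP SPT=137 DPT=137 LEN=58
Mar 21 04:11:31 fw kernel: INPUT_DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:03:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=84 TTL=110 ID=901 PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1
Mar 21 04:12:00 fw kernel: OUTPUT_DROP: IN= OUT=eth0 SRC=198.51.100.5 DST=192.0.2.53 LEN=60 TTL=64 ID=15 PROTO=UDP SPT=1025 DPT=53 LEN=40
Mar 21 04:12:05 fw sshd[812]: Server listening on 0.0.0.0 port 22.
EOF
}

# summarise_drops PREFIX < logfile
# Prints "count src proto dport" per line, most frequent first.
# Protocols without ports (e.g. ICMP) are reported with "-" as the port.
summarise_drops() {
    awk -v prefix="$1" '
        index($0, prefix) == 0 { next }      # skip lines from other sources
        {
            src = proto = dpt = "-"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/)   src   = substr($i, 5)
                if ($i ~ /^PROTO=/) proto = substr($i, 7)
                if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            count[src " " proto " " dpt]++
        }
        END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Stand-alone run on the constructed sample; replace with
#   summarise_drops "$PREFIX" < /var/log/messages
# to read the real log (usually requires root).
sample_log | summarise_drops "$PREFIX"
```
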

Hangdog42 03-21-2003 07:25 AM

You also might want to make sure that your firewall script is executable because having ./path/to/firewall/firewall.script in your rc.local should work. Personally, I've got a similar statement in my rc.M so that the iptables script runs before the network card gets an IP address.

