Hi,

I have just configured my first ever Linux proxy server for work and all seems to be working well as all clients can connect to the Internet O.K. It has been an enjoyable challenge and I look forward to working with Linux more.

What I want to learn how to do now is configure iptables so I am able to lock down my network a little more.

What I am having problems with is setting up the startup scripts to do this. I have found some iptables scrips on the net and I want them to run at startup.

What is the correct syntax to run a script called - for example - start.sh (located in /root) from the /etc/rc.local file. Do I put the script in the /root directory or do I place it somewhere else?

Once this has been done, is it possible to confirm that the script has been run?

I hope this makes some kind of sense

I am running Mandrake 10.1

Cheers,

Gerald

You should really install the Shorewall and webmin rpm's...

Then you can easily configure all of this via the WEB interface.

Shorewall is a "front end" for IPtables, and webmin is it's GUI, so to speak.

The documentation is a little sparse but what I did is I initally edited the existing config files until I had something that worked, then went into the Web interface to fine tune the stuff.

This let me see where the web interface changes affected the files and taught me all about ACL's...

Give it a shot...

Otherwise the "proper way" is to run your script once, then run 'iptables-save > /etc/sysconfig/iptables'
This saves the running rules to a file in /etc/sysconfig.
Run 'chkconfig iptables on' , reboot, run 'iptables -L -n' and watch your rules in action.

- Peder