That works.... that's what I was looking for. But I still didn't get the working. dpkg-reconfigure iptables just make the symbolic links to /etc/init.d/iptables. Where does is say to start it. I mean calling /etc/init.d/iptables alone doesn't work and simply puts out the help.
Regards, Nabil. -----Original Message----- From: Didar Hussain [mailto:[EMAIL PROTECTED] Sent: Sunday, August 01, 2004 5:29 PM To: [EMAIL PROTECTED] Subject: Re: Debianised Firewall On Sun, Aug 01, 2004 at 02:31:21PM +0100, Sam Halliday wrote: > John Summerfield wrote: > > Sam Halliday wrote: > > >cheers... but i do not need a way to generate rules; i already know how > > >to do that. i just want to know if there is a standardised debian way of > > >loading up a firewall on startup... like a file i need to dump my > > >(customised) `iptables-save` output into. else i will just write my own > > >initscript. > > I know how to write in assembler too, but I generally don't. > > :-) yeah... but i actually have an iptables script lying around, so its just a case of copying it to /etc/init.d and making a symlink... but i'd prefer not to do such a homemade job of it. Well, I use the /etc/init.d/iptables script. It is pretty good, although the author seems to be self-depreciatingly skeptical about it :-) After you have your IPTables firewall loaded you can simply do: /etc/init.d/iptables save active This will save your firewall rules. Now, you can simply do: dpkg-reconfigure iptables select "yes" to the dialog box. This will create the appropriate symlink to /etc/init.d/iptables in /etc/rcS.d/, /etc/rc0.d/ and /etc/rc6.d/ HTH, Didar -- It's later than you think. Random signature generated by Signify v1.07 http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] DISCLAIMER: Bu elektronik posta ve ekleri, sadece yukarida ismi yazili alicinin dikkatine gonderilmistir. Mesajin muhatabi degilseniz, icerigini ve varsa ekindeki dosyalari kimseye aktarmayiniz ya da kopyalamayiniz. Boyle bir durumda gondereni uyarip, mesaji imha ediniz. KUVEYT TURK E.F.K. A.S bu e-postanin ve eklerinin icerdigi bilgilerin size degisiklige ugrayarak ulasmasindan veya gec ulasmasindan, butunlugunun ve gizliliginin korunamamasindan veya icerigine guvenilerek yapilacak islemlerden dolayi sorumlu tutulamaz. This e-mail & its content have been sent to the attention of the receiver named above. If you are not the intended recipient (or have received this e-mail in error), Please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Kuwait Turkish Evkaf Finance House shall not be held liable for the arrival of this e-mail & its content as modified or late, the protection of integrity and secrecy and shall not be liable to any person who acts or omits to do anything in reliance upon it.
