On Fri, Jan 14, 2011 at 16:31, Bob Proulx <[email protected]> wrote: > Paul Cartwright wrote: > I think you did put that in there. It has that look. As to whether > it /should/ be there... well *I* wouldn't put it there. :-) I think > that type of reloading belongs elsewhere such as in an if-up.d/* > script. But I don't know about your firewall setup. I could guess > something like this in /etc/network/if-up.d/local-firewall using your > current config as a template. > > #!/bin/sh > case $IFACE in > eth*) > iptables-restore < /etc/firewall-rules > ;; > esac > exit 0 > > That will run your command whenever any eth* device is brought up. > > Personally I like the shorewall package quite a bit for setting up > firewalls.
I use ferm - it has a nice config file syntax that closely mirrors iptables command syntax, and it's been a set and forget thing since it "starts" during boot as an rc script in /etc/init.d/ by loading the firewall rules and you can use the stop start restart commands to enable/disable the firewall. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
