On Fri, Jan 14, 2011 at 16:31, Bob Proulx <b...@proulx.com> wrote:
> Paul Cartwright wrote:
> I think you did put that in there.  It has that look.  As to whether
> it /should/ be there... well *I* wouldn't put it there.  :-) I think
> that type of reloading belongs elsewhere such as in an if-up.d/*
> script.  But I don't know about your firewall setup.  I could guess
> something like this in /etc/network/if-up.d/local-firewall using your
> current config as a template.
>
> #!/bin/sh
> case $IFACE in
>    eth*)
>        iptables-restore < /etc/firewall-rules
>        ;;
> esac
> exit 0
>
> That will run your command whenever any eth* device is brought up.
>
> Personally I like the shorewall package quite a bit for setting up
> firewalls.
I use ferm - it has a nice config file syntax that closely mirrors
iptables command syntax, and it's been a set-and-forget thing since it
"starts" during boot as an rc script in /etc/init.d/ by loading the
firewall rules, and you can use the stop, start, and restart commands to
enable/disable the firewall.
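
An added example, not part of the original thread: a more defensive version of the if-up.d hook quoted above, which refuses a group- or world-writable rules file and dry-runs it with `iptables-restore --test` before loading. The `RULES` and `RESTORE` variables and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): defensive if-up.d firewall hook.
# RULES and RESTORE are assumed names; both can be overridden from the environment.
RULES="${RULES:-/etc/firewall-rules}"
RESTORE="${RESTORE:-iptables-restore}"

# Act only on eth* interfaces, as in the quoted script.
wants_iface() {
    case "$1" in
        eth*) return 0 ;;
        *)    return 1 ;;
    esac
}

# The hook runs as root, so reject a rules file that is missing, empty,
# or writable by group/other (characters 6 and 9 of the ls mode string).
rules_file_ok() {
    [ -f "$1" ] && [ -s "$1" ] || return 1
    case "$(ls -ld -- "$1")" in
        ?????w*|????????w*) return 1 ;;
    esac
    return 0
}

# Dry-run the ruleset with --test (parse only, no commit) before loading it,
# so a file with a syntax error is rejected before anything is committed.
load_rules() {
    wants_iface "$1" || return 0
    rules_file_ok "$RULES" || { echo "refusing to load $RULES" >&2; return 1; }
    "$RESTORE" --test < "$RULES" || { echo "$RULES failed --test" >&2; return 1; }
    "$RESTORE" < "$RULES"
}

# ifupdown sets IFACE when it runs the hook; do nothing when it is unset.
if [ -n "${IFACE:-}" ]; then
    load_rules "$IFACE"
fi
```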

