On Monday 02 December 2019 04:35:26 Andrei POPESCU wrote: > On Du, 01 dec 19, 22:28:43, Gene Heskett wrote: > > It, iptables, did not get restarted on the fresh boot, so obviously > > the systemd manager hasn't been informed to start iptables, > > reloading from /etc/iptables/saved-rules. > > To my knowledge Debian doesn't include anything like this by default. > > > So 1. how do I query systemd to determine if it should have started > > iptables, and if not, 2. what is the command to set it so it does > > start iptables at bootup? > > You might want to install iptables-persistent, otherwise you'll have > to roll-out your own solution. > > With systemd the generic solution would look like: > > 1. Write a script that does what you want > 2. Write a corresponding .service unit describing how / when it's run > 3. Tell systemd to use your .service unit. > > In the particular case of iptables instead of writing a script you > should probably just reuse your existing rules file and load that with > an 'iptables-restore' from the .service unit. > > We are quite far from the original topic so I would suggest you start > a new thread in case you need assistance with this. > I did find the syntax for iptables-restore and have that working as I'd been doing a new iptables-save everytime I added a new rule. So I've got most of them muzzled again.
But you're right, the thread has drifted as I looked for a solution for the DDOS I was suffering from. > Kind regards, > Andrei Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) If we desire respect for the law, we must first make the law respectable. - Louis D. Brandeis Genes Web page <http://geneslinuxbox.net:6309/gene>
