Damien Miller wrote:
>
> On 8 Sep 1999, Bryan C. Andregg wrote:
>
> > On 7 Sep 1999 21:06:22 -0400, Damien Miller <[EMAIL PROTECTED]> wrote:
> > >
> > >Is there a nice place that I can stash my per-interface IP packet
> > >filtering rules where they can be:
>
> [snip]
> > Write something yourself? :)
> >
> > It's all just shell you know.
>
> I know that, but where can I put it so it is not zapped by upgrades of
> initscripts?
>
> Would you consider putting hooks in the ifup and ifdown scripts to
> call user scripts?
>
> e.g.
>
> if [ -x /etc/sysconfig/network-scripts/user/ifup-pre-${CONFIG} ] ; then
> exec /etc/sysconfig/network-scripts/user/ifup-pre-${CONFIG}
> fi
>
> (start interface)
>
> if [ -x /etc/sysconfig/network-scripts/user/ifup-post-${CONFIG} ] ; then
> exec /etc/sysconfig/network-scripts/user/ifup-post-${CONFIG}
> fi
>
> And have something similar for ifdown?
These already exist... check out the ip-up and ip-down scripts in
/etc/ppp. They look for ip-up.local and ip-down.local, which is
where I put my filters.
-Scott
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
