Re: [opensuse] iptables config file and reboot

On 2007-05-31 00:32, Stephan Schöffel wrote:
thanks for the hint. i'll think about that approach. yet there has to
be a file somewhere, where the yast firewall settings are stored. i
figured there is a file /etc/sysconfig/Susefirewall2 but it does not
like iptable entries to me. aint there a file where configuration is
saved except in a start script?
That file contains all the variables needed for /sbin/SuSEfirewall2,
which is the startup script, to set up the firewall. Except for a few
scripts, all the files in /etc/sysconfig only contain variables that
various start scripts need to set up the system. It is done this way
because there is no "one size fits all", especially with firewalls.

The proper approach is to do as Verner suggested, write a script in
/etc/init.d/ and link to it in the rc3.d and rc5.d directories.

There is a sample start script in /etc/init.d/skeleton. If you follow
the instructions in that, particularly those at the top pertaining to
services which must be running before the firewall is started and should
still be running when it is stopped, you can write a script that Yast's
system services (runlevel) configuration module will recognize. Then you
wouldn't have to create your own links, rather just write your script in
/etc/init.d/, run Yast and go to the runlevel module (Yast/services -->
System services (runlevel) ). In expert mode, find and highlight your
service name (eg. MyFirewall), enable it (if the script file is written
properly this will select the proper runlevels where it should start,
and also create the proper links in the correct rcN.d directories), and
start it. BTW, this is not SuSE-specific -- it is all part of the LSB.

--
Hypocrisy is the homage vice pays to virtue. - François de La Rochefoucauld


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

Relevant Pages

  • Re: RFC: my firewall ruleset(s)
    ... IPFW numbers rules that increment by 1. ... > The reasoning behind this is so I have a single firewall script for all ... Depending on the rc.conf entries on that server, the firewall ...
    (freebsd-questions)
  • Re: Turing of SP2 Firewall via registry entry?
    ... Group Policy that disables the firewall (see WF_XPSP2.doc ... Disabling the Use of Windows Firewall Across Your Network ... you create a script file that is read by ...
    (microsoft.public.windowsxp.security_admin)
  • Re: MS Security CD, wsh topic buried, non automated post (promise)
    ... Their stuff is for server is seems. ... you most likely want to script your 'access'. ... the firewall still inserted stuff in about every ... > Saying that you network drives may cease working. ...
    (microsoft.public.scripting.wsh)
  • Re: XPs Firewall
    ... How do you for example help people having just a single machine and an ... internet connection when a firewall is not available in their local ... script, or it's author? ... Yet all that guarantees is that if you download a script from my website ...
    (microsoft.public.security.virus)
  • Re: Bit Twister: Is this the dhclient-exit-hooks you were talking about?
    ... You change the script to do what you want it to do. ... firewall, but what you show here would pretty much bypass everything you ... # dhclient-script for Linux. ... wgets and then restart my firewall. ...
    (alt.os.linux)