
Re: [Sheflug] Re: Firewall Stuff




> Chris
> 
> The script and the docs do confuse me quite a bit.  I see that it's
> for SuSE 6.2.  Could be good with my own SuSE 7.0 system.  Suppose I
> just use my own script and get it to start at boot time.  Would the
> instructions for copying into /etc/rc.d/rc2.d and then doing ln -s
> ./init.d/firewall S06firewall be ok for starting my own firewall
> script ?  Or, would I put it somewhere else ?
> 

Pretty much - the S06 prefix to the script name defines what the script is to 
do and the start order of the scripts in rc<x>.d. Programs beginning 
Sxx<script> are start scripts, K<xx> are kill (shutdown) scripts. The rc 
master script passes a "start" parameter to S scripts and "stop" to K 
scripts. For what you'll be doing, I can't see a reason to actually look at 
the parameter, providing you only link it as an S script.

The start position may be more important - the best place to set a firewall 
up generally is before any network interfaces are configured - this means 
there isn't a brief hole that people can break through. But on a dial-up 
machine, this is less of a problem (your machine isn't online when booting, is 
it?). The earlier the better, really. Use your judgement :) Scripts are run in 
numerical sequence (cunningly enough).

The final point is the directory you put it in. rc2.d is for programs 
starting in run-level 2...rc1.d for runlevel 1, and rc3.d for runlevel 3 
(obvious really) - make sure you sym-link the script to the correct directory 
that you run your system in (I don't know what your default runlevel is :) 
You can check the runlevel by running "runlevel", and the default runlevel by 
looking for initdefault in /etc/inittab (the line reads summat like 
"id:3:initdefault:" - so on my machine, 3 is the default).

Once you've decided and found which runlevel you want and when you want it to 
start, simply copy your script into /etc/rc.d/init.d (though this isn't 
really necessary - it's more convention), then:
	cd ../rc<runlevel>.d
	ln -s ../init.d/myfirewallscript S<xx>myfirewallscript

Dunno if I've covered ground you already know about, but that should be the 
lot explained there :)

Chris...


-- 
Chris Johnson            \  "If not for me then, do it for yourself. If not
sixie@nccnet.co.uk        \  for then do it for the world." -- Stevie Nicks
www.nccnet.co.uk/~sixie/   ~---------------------------------------+
Redclaw chat - http://redclaw.org.uk - telnet redclaw.org.uk 2000   \______
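
The checks described in the reply above (default runlevel from inittab, an S link in the matching rc<runlevel>.d, and a start position ahead of the network script), as an added shell example that is not part of the original message. The rc.d base directory, the inittab path and the script name "network" are assumptions passed in as arguments; the rc ordering rule is taken from the reply.

```shell
#!/bin/sh
# Added example. The rc.d base directory, inittab path and script names are
# arguments (assumptions), so the check can also be run against a copy of /etc.

# Print the default runlevel from an inittab-style file ("id:3:initdefault:").
default_runlevel() {
    awk -F: '$1 !~ /^#/ && $3 == "initdefault" { print $2; exit }' "$1"
}

# Print the name of the S link for script $2 in rc directory $1, if any.
start_link() {
    for link in "$1"/S[0-9][0-9]"$2"; do
        # An unmatched glob stays literal, so test that the link exists.
        if [ -L "$link" ] || [ -e "$link" ]; then
            printf '%s\n' "${link##*/}"
            return 0
        fi
    done
    return 1
}

# Args: rc.d base dir, inittab path, firewall script name, network script name.
# Returns 0 only if the firewall link resolves and sorts before the network link.
firewall_starts_first() {
    level=$(default_runlevel "$2")
    [ -n "$level" ] || { echo "no initdefault line in $2" >&2; return 2; }
    rcdir="$1/rc$level.d"
    fw=$(start_link "$rcdir" "$3") || { echo "$3 has no S link in $rcdir" >&2; return 3; }
    # A link made with the wrong relative target dangles and never runs.
    [ -e "$rcdir/$fw" ] || { echo "$rcdir/$fw is a dangling link" >&2; return 4; }
    net=$(start_link "$rcdir" "$4") || { echo "$4 has no S link in $rcdir" >&2; return 5; }
    # Assumption: rc runs S links in sorted name order, as the reply describes.
    first=$(printf '%s\n%s\n' "$fw" "$net" | LC_ALL=C sort | head -n 1)
    [ "$first" = "$fw" ] || { echo "$fw starts after $net" >&2; return 1; }
}

# Example: sh check.sh /etc/rc.d /etc/inittab myfirewallscript network
if [ "$#" -eq 4 ]; then
    firewall_starts_first "$@"
fi
```

A non-zero return means the firewall script would start late, or not at all, in the default runlevel.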


---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk