On Wed, 25 Jul 2001, R. Hamburg wrote:
> Hi,
>
> Quick question:
>
> I have installed IPchains. And have added some ip to block. However I
> understand that when you have reboot the server all
> /sbin/ipchains -I input -s 203.232.240.215 -j DENY -l
> /sbin/ipchains -I input -s 63.25.226.171 -j DENY -l
> are lost.
> So I thought adding this lines to /etc/rc.d/rc.local
> But I wondering right wheter the lines added to the bottum should be closed
> by an 'fi' command, like all other entries in the rc.local file ??
>
> is this correct so the list must look like this:
>
> /sbin/ipchains -I input -s 203.232.240.215 -j DENY -l
> /sbin/ipchains -I input -s 63.25.226.171 -j DENY -l
> fi
>
> or can I just them and no fi command at the end ?
>
> Thanks for your advice
>
> - Robbert
>
"fi" tells the shell-parser that here ends the block of an "if" rule
statement.
In other words, after a fi, all lines will be executed, no matter what.
(unless there's a new if)
In short, either write it in the very begining, or the very start. No fi's
needed.
Also a nice idea, is to create a file, say "customcommands" in /etc, chmod
700 it, and call it from rc.local. then you put all the things you want on
boot on that file, and you don't touch rc.local too much. That's only a
suggestion, though.
( i mean a batch file, yes? where the first line is: #!/bin/sh )
- shimi.
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
