On March 12, 2003 12:36 am, Paulo Jorge de Oliveira Cantante de Matos wrote:
If I need to run a line during every reboot, something like: iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
What should I add to rules-save? I tried to add the above line with no modifications but an error occurs during reboot.
I don't know if it's a bad idea or not, but I just wrote my super long iptables script and put it in /etc/init.d/ and added it to /runlevels/default
That way I didn't have to run iptables-save any time I wanted to edit or start/stop my firewall.
iptables, like any proper service in Gentoo, already has an /etc/init.d/iptables script, which can be started/stopped/reloaded the normal way.
As far as adding new rules goes, you are meant to simply add them as you would on any running system (execute the iptables command to add the rule to the running set), then, if you wish, perform a:
/etc/init.d/iptables save
Then, add iptables to the default (or boot) runlevel, like this:
rc-update add iptables default
Now, the iptables init script will load your saved settings on start, and save them on stop, which will be when the machine boots/shuts down respectively.
There really should be no need to create your own /etc/init.d/iptables, as this will just cause problems when it comes to updating iptables.
MAL
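
Added example, not part of any message in this thread: the saved rules file is in iptables-save format, where a `*nat` header names the table and rule lines begin at `-A`, so a pasted `iptables -t nat ...` command line is rejected on restore. The `lint_rules_save` function name and the sample file contents are constructed for illustration.

```shell
# Lint a file in iptables-save format before it is restored at boot.
# Prints one line per problem found; returns 1 if there was any.
lint_rules_save() {
    awk '
        function err(msg) { printf "line %d: %s\n", NR, msg; bad++ }
        /^[ \t]*$/ || /^#/ { next }            # blank lines and comments
        /^\*/ {                                 # "*nat" opens a table
            if (in_table) err("*" table " was not closed with COMMIT")
            table = substr($1, 2); in_table = 1; next
        }
        $1 == "COMMIT" { if (!in_table) err("COMMIT outside a table"); in_table = 0; next }
        /^:/ { if (!in_table) err("chain declaration outside a table"); next }
        $1 ~ /iptables$/ {                      # a pasted shell command line
            err("shell command, not a rule: remove \"" $1 "\" and any -t option")
            next
        }
        /^(\[[0-9]+:[0-9]+\] *)?-[ADIR] / {     # rule, optional [pkts:bytes]
            if (!in_table) err("rule outside a *table ... COMMIT block")
            for (i = 1; i < NF; i++)
                if ($i == "-t") err("-t not allowed; the *table header names the table")
            next
        }
        { err("unrecognised line") }
        END {
            if (in_table) { printf "end of file: *%s has no COMMIT\n", table; bad++ }
            exit (bad > 0)
        }
    ' "$1"
}

# Constructed sample: a nat table with the command from the question pasted in as-is.
sample=$(mktemp)
cat > "$sample" <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
EOF
lint_rules_save "$sample" || echo "fix $sample before rebooting"
rm -f "$sample"
```

On the sample this reports line 4 as a shell command; the same rule written as `-A POSTROUTING -o eth1 -j MASQUERADE` inside the `*nat` block passes.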
