This is a great solution for users of the 2.0.xx kernel, but last week I
migrated to 2.2.0 and gave myself a TON of new work to get ipmasq'ing
running again. Basically, ipfwadm is no longer a valid utility and has
been replaced by ipchains. Here is what I wound up doing on my RedHat
5.1 box:
1)
In the RedHat distro, most IP related services are started from links
created in /etc/rc.d/rc2.d. These links point back to scripts stored in
/etc/rc.d/init.d. I created a script called "diald" in /etc/rc.d/init.d
that looks like this:
+++++++++++++++++++++Start Here++++++++++++++++++++++++
#!/bin/sh
#
# Startup script for the DIALD
#
# Source function library.
. /etc/rc.d/init.d/functions
# See how we were called.
case "$1" in
  start)
        echo -n "Starting diald: "
        daemon /usr/sbin/diald
        echo
        touch /var/lock/subsys/diald
        ;;
  stop)
        echo -n "Shutting down diald: "
        [ -f /var/run/diald.pid ] && {
            kill `cat /var/run/diald.pid`
            echo -n diald
        }
        echo
        rm -f /var/lock/subsys/diald
        rm -f /var/run/diald.pid
        ;;
  status)
        status diald
        ;;
  restart)
        $0 stop
        $0 start
        ;;
  reload)
        echo -n "Reloading diald: "
        [ -f /var/run/diald.pid ] && {
            kill -HUP `cat /var/run/diald.pid`
            echo -n diald
        }
        echo
        ;;
  *)
        echo "Usage: $0 {start|stop|restart|reload|status}"
        exit 1
esac
exit 0
+++++++++++++++++++++++++++END SCRIPT+++++++++++++++++++++++++++++
OK, I actually copied the Apache script and "rewrote" it to start diald
instead of httpd.
I created a symlink to the script called "K15diald". Looking at the link
in /etc/rc.d/rc2.d we see:
lrwxrwxrwx 1 root root 15 Jan 27 23:00 /etc/rc.d/rc2.d/K15diald -> ../init.d/diald
2)
I downloaded and installed the ipchains utility needed to replace the
old ipfwadm util.
3)
At the end of my /etc/rc.d/rc.local I added:
/usr/sbin/diald
/usr/sbin/ipmasq-go
Obviously /usr/sbin/diald is the diald binary. I have a habit of storing
my scripts (ipmasq-go) in /usr/sbin for a strange reason - you can put
them anywhere. /usr/sbin/ipmasq looks like:
ipchains -F input
ipchains -F output
ipchains -F forward
ipchains -P input ACCEPT
ipchains -P output ACCEPT
ipchains -P forward MASQ
Pollywog wrote:
>
> On 01-Feb-99 Bob Hartung wrote:
> > All,
> >
> > I have managed to get diald and masquerade working from the command
> > line. Now as a relative newbie to Linux I need to show my ignorance of
> > the boot process. I do not know what to put in the rc.local file or
> > other files to autostart diald when I boot up the machine. I know what
> > to put in for my simple forwarding rules but I'm not sure if they just
> > go into rc.local or some other rc?? file.
>
> I have the following in my /etc/rc.d/rc.local
>
> /etc/rc.d/rc.firewall # the file with my ipfwadm rules
> /usr/sbin/diald # to start diald when the machine boots
>
> rc.firewall contains:
>
> #!/bin/sh
> # IP Masquerade
> /sbin/ipfwadm -F -p deny
> /sbin/ipfwadm -F -o -a m -S 192.168.1.0/24 -D 0.0.0.0/0
> #
> and other ipfwadm rules.
>
> --
> Andrew
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-diald" in
> the body of a message to [EMAIL PROTECTED]
--
John J. LeMay Jr.
NJMC, LLC.
http://www.njmc.com
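
Added example, not part of the original post or the quoted reply: the ipchains form of the default-deny forwarding rules from the quoted rc.firewall, so that only the 192.168.1.0/24 LAN is masqueraded rather than every packet that reaches the forward chain. The ipchains path, the DRY_RUN switch and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: default-deny masquerading with ipchains (2.2 kernels).
# Assumptions: LAN range 192.168.1.0/24 as in the quoted rc.firewall;
# ipchains path, DRY_RUN and the function names are hypothetical.
IPCHAINS=${IPCHAINS:-/sbin/ipchains}
DRY_RUN=${DRY_RUN:-1}   # 1 = only print the commands

# Accept a.b.c.d/1..32 only, so a typo cannot widen the rule to everything.
valid_cidr() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' || return 1
    addr=${1%/*}; bits=${1#*/}
    [ "$bits" -ge 1 ] && [ "$bits" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    for octet in $addr; do
        [ "$octet" -le 255 ] || { IFS=$old_ifs; return 1; }
    done
    IFS=$old_ifs
}

# Emit the forward-chain rules: deny by default, masquerade only the LAN.
masq_rules() {
    valid_cidr "$1" || { echo "refusing LAN range: $1" >&2; return 1; }
    cat <<EOF
$IPCHAINS -F forward
$IPCHAINS -P forward DENY
$IPCHAINS -A forward -s $1 -d 0.0.0.0/0 -j MASQ
EOF
}

# Print the rules (dry run) or execute them, stopping at the first failure.
apply_masq() {
    rules=$(masq_rules "$1") || return 1
    if [ "$DRY_RUN" = 1 ]; then
        echo "$rules"
    else
        echo "$rules" | sh -e
    fi
}

apply_masq 192.168.1.0/24
```

With DRY_RUN=0 the same three commands are executed as root instead of printed.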