Hi,

I have my ipchains being loaded at the moment by 'PMfirewall', so I thought 
I would have a good read through the IP Masq and Firewall HOWTOs and learn 
how to set this stuff up myself without the help of tools. This task was 
easy enough; however, I would really like it if my ipchains would be loaded 
whenever I connect to the internet instead of having to manually do it each 
time. From the example in the Firewalling HOWTO I have created a script 
that will load my ipchains rules when 'packetfilter start' is run and 
created a symlink to this script in my rcS.d directory.

#! /bin/sh
# Script to control packet filtering.

# If no rules, do nothing.
[ -f /etc/ipchains.rules ] || exit 0

case "$1" in
         start)
                 echo -n "Turning on packet filtering:"
                 /sbin/ipchains-restore < /etc/ipchains.rules || exit 1
                 echo 1 > /proc/sys/net/ipv4/ip_forward
                 echo "."
                 ;;
         stop)
                 echo -n "Turning off packet filtering:"
                 echo 0 > /proc/sys/net/ipv4/ip_forward
                 /sbin/ipchains -F
                 /sbin/ipchains -X
                 /sbin/ipchains -P input ACCEPT
                 /sbin/ipchains -P output ACCEPT
                 /sbin/ipchains -P forward ACCEPT
                 echo "."
                 ;;
         *)
                 echo "Usage: /etc/init.d/packetfilter {start|stop}"
                 exit 1
esac

exit 0

I have also added the line 'ipchains-restore -f < /etc/ipchains.rules' to 
my 'pon' script (which starts pppd in Debian), which it also said to do in 
the HOWTO; however, none of it is working.

If I run 'packetfilter start' it does echo the "Turning on packet 
filtering:" line but that's about it, as I don't get any chains loaded. When I 
connect to the internet using pon it also does nothing.

Could someone please tell me what I am doing wrong?

Thanks in advance,

Adam.


-- 
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
