> go in /etc/init.d/? What do I need to do with this file to get it to run > every time I boot? The actual content is copied below.
Actually, the easiest way to make sure the firewall rules are always on is to add this to your /etc/network/interfaces : # Bring up firewall pre-up iptables-restore < /etc/iptables.rules # And save fw state on shutdown post-down iptables-save -c > /etc/iptables.rules On Fri, Oct 10, 2008 at 10:04 AM, tyler <[EMAIL PROTECTED]> wrote: > Hi, > > I'm trying to learn how to firewall my laptop. I think I've got an > appropriate, simple iptables script, but I can't figure out where to put > it. Google provides lots of conflicting advice. I think it's supposed to > go in /etc/init.d/? What do I need to do with this file to get it to run > every time I boot? The actual content is copied below. > > Thanks, > > Tyler > > ######################### start ########################### > #### Clear the iptables #### > iptables -F > iptables -X > iptables -Z > iptables -t nat -F > iptables -t nat -X > iptables -t nat -Z > iptables -t mangle -F > iptables -t mangle -X > iptables -t mangle -Z > > #### Set default policy to drop all inbound and forwarded > #### packets, accept all outbound > iptables -P INPUT DROP > iptables -P FORWARD DROP > iptables -P OUTPUT ACCEPT > > #### Allow input from established connections #### > iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > > #### Allow input from localhost #### > iptables -A INPUT -i lo -j ACCEPT > > #### Allow icmp error messages #### > iptables -A INPUT -p icmp --icmp-type 3 -j ACCEPT > iptables -A INPUT -p icmp --icmp-type 11 -j ACCEPT > iptables -A INPUT -p icmp --icmp-type 12 -j ACCEPT > > #### REJECT ident requests #### > iptables -A INPUT -p tcp --syn --dport 113 -j REJECT --reject-with tcp-reset > > ############################# end ################################# -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
