Hello Dave,
The SysV script is hanging out with the rest of them at...
/etc/rc.d/init.d/ipchains
It uses a config file at...
/etc/sysconfig/ipchains
In here goes all of the rules you want to activate.
I know what you mean about the rc.local thing, but as I said I was in a
hurry and had to get it working somehow. I don't even have a 6.2 machine
myself yet. I had a request for a simple IPMASQ box to be set up on an old
486. I said "No Problem" it should only take an hour to set up. Of course I
had a nice new copy of 6.2 sitting on CD from a recent download and I was
too anxious to install it and didn't read up on it first. It only had a
250meg drive so I did a lean install(almost no docs) and set it up like my
5.1, 5.2, and 6.1 machines, and sent it off to be installed. Upon delivery,
it wouldn't pass any packets. Fortunately, it was going to a full time
connection and I was able to telnet in.(Yes, this machine should have a
firewall, but some people are very hard to convince still) Well, with the
client looking over the tech's shoulder, I had to get it running quickly and
what I suggested is what I had done. Since I don't have a local machine to
play with(yet), I can't tell you any more then that. I was very upset that I
had to look bad because putting the stuff in rc.local didn't work.
Unfortunately, I have found that far too many times I have encountered a
"This should have worked", that didn't. But I still wouldn't trade it for
NT.
I would be happy to hear anything else that works in this case since it will
still be a couple of weeks before I even consider changing my 6.1 machines
over since they are still running strong and stable.
--
Best regards,
Brian Ashe
CTO
[EMAIL PROTECTED]
http://www.dee-web.com/
Tuesday, April 18, 2000, 2:11:22 PM, you wrote:
DR> Where is this new RedHat ipchains script? I thought rc.local was the
DR> last thing run at startup. If so, running ipchains -F first should
DR> get rid of everything and then run your ipchains script - correct?
DR> Thanks,
DR> Dave
>> From: Brian Ashe <[EMAIL PROTECTED]>
>>
>> Hello Edward,
>>
>> I had the same problem. I was in a hurry to get the thing running, probably
>> should have stuck with 6.1, but I didn't know it was going to be different, so I
>> didn't document the differences very well but here it goes anyway. Hopefully
>> I give you the right info.
>>
>> Here is what I noticed/did.
>>
>> Apparently, Redhat decided to make a nice little SysV script for ipchains.(I
>> ,at least, did not know it was there when I started.)
>> The first thing this script does is wipe out user defined rules.
>> So after muddling along wondering why my rc.local stuff wasn't working I
>> finally read the script.
>> What I did was just go with the flow.
>> I put the "echo "1" > /proc/sys/net/ipv4/ip_forward" in rc.local.
>> Then I entered my rules on the command line.(It was just easier that way. If
>> there are a lot of rules you may want to edit the file directly.)
>> Then I executed "/etc/rc.d/init.d/ipchains save" and it writes the file in
>> "/etc/sysconfig/ipchains".
>> I then restarted, network and inet and it worked. These last two things may
>> not be necessary, but I did them, and like I said I wasn't paying a lot of
>> attention I just wanted it up and running fast and get out.
DR> <snip>
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
