[aklug] Re: saving iptables rules on Ubuntu

From: Christopher Howard <christopher.howard@frigidcode.com>
Date: Wed Oct 12 2011 - 13:15:58 AKDT

On 10/12/2011 10:55 AM, Joshua J. Kugler wrote:
> On Wednesday, October 12, 2011, Christopher Howard elucidated thus:
>> On 10/12/2011 12:39 AM, Joshua J. Kugler wrote:
>>> On Tuesday, October 11, 2011, Christopher Howard elucidated thus:
>>>> The official community doc just says to use the
>>>> iptables-save command, but I think that only drops the rules to
>>>> STDOUT.
>>>
>>> Right, which dumps them in a format that can then be fed to
>>> iptables-restore. That's exactly the way you want to save them.
>>> Where/how would you save them otherwise?
>>>
>>> j
>>
>> Right, that is of course the mechanism used to save and restore. But
>> of course someone has to decide where the data is saved to and
>> restored from, and during what part of the boot process this
>> happens. Presumably this would be done by an init script, but I
>> cannot find an init script named "iptables", so I am wondering if I
>> need to add one myself, or if it has a different name, or...?
>>
>> Furthermore, I am wondering: if I can find no "iptables" init script,
>> how do I even control whether or not the iptables service is starting
>> at boot?
>
> Ah, I see what you mean now. I've never started/stopped iptables at
> boot/shutdown. I've always used a higher-level interface, such as
> Shorewall.
>
> What distribution are you using? On a RHEL5 system I admin, there is
> an 'iptables' script in /etc/init.d, owned by the iptables package. The
> Debian package does not seem to have this. But even the RHEL init
> script does not seem to use iptables-save/restore.
>
> j
>

Ubuntu 11.04 on a server. (no GUI).

# cat /etc/motd
Welcome to Ubuntu 11.04 (GNU/Linux 2.6.18-238.9.1.el5.028stab089.1 x86_64)

  * Documentation: https://help.ubuntu.com/

# runlevel
N 2

# ls /etc/rc2.d/ -l
total 4
-rw-r--r-- 1 root root 677 Mar 29 2011 README
lrwxrwxrwx 1 root root 18 Oct 12 05:22 S10sysklogd -> ../init.d/sysklogd
lrwxrwxrwx 1 root 500 19 Oct 12 05:22 S10vzquota -> /etc/init.d/vzquota
lrwxrwxrwx 1 root root 24 Oct 12 05:22 S20modules_dep.sh -> ../init.d/modules_dep.sh
lrwxrwxrwx 1 root root 19 Oct 12 05:22 S20saslauthd -> ../init.d/saslauthd
lrwxrwxrwx 1 root root 18 Oct 12 05:22 S21sendmail -> ../init.d/sendmail
lrwxrwxrwx 1 root root 14 Oct 12 05:22 S75sudo -> ../init.d/sudo
lrwxrwxrwx 1 root root 18 Oct 12 05:22 S99rc.local -> ../init.d/rc.local

-- 
frigidcode.com
theologia.indicium.us
Received on Wed Oct 12 13:15:24 2011