Menu
▾
▴
Re: [Devil-Linux-discuss] fw question
|
From: Moray M. <mmc...@ox...> - 2006-06-06 16:32:58
|
Is it possible you are not running the script as root? Also, it's = probably just a typo in your mail, but you wrote in your email = "specially usr/bin/ip", and the script says /usr/sbin/ip... ? M. -------------------------------------=20 Moray McConnachie IS Manager +44 1865 261 600 Oxford Analytica http://www.oxan.com -----Original Message----- From: dev...@li... = [mailto:dev...@li...] On Behalf Of = gro...@un... Sent: 06 June 2006 17:20 To: dev...@li... Subject: Re: [Devil-Linux-discuss] fw question Hi Moray. I had already tried that, but when I run /etc/init.d/firewall.rules = there's a message that says "iproute not found" and the rules aren't = reloaded. I don't know why but when I reboot this doesn't happen and the = script runs normally. Next is part of the script where I think the mistake must be in: LSMOD=3D"sbin/lsmod" MODPROBE=3D"sbin/modprobe" IPTABLES=3D"usr/sbin/iptables" IPTABLES_RESTORE=3D"usr/sbin/iptables-restore" IP=3D"usr/sbin/ip" LOGGER=3D"usr/bin/logger" if $IP link ls >/dev/null 2>&1; then echo; else echo "iproute not found" exit 1 fi echo 1 > /proc/sys/net/ipv4/conf/all/accept_redirects echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout echo 1800 > /proc/sys/net/ipv4/tcp_keepalive_intvl I checked all the routes (specially usr/bin/ip) and they are correct = (besides, it works fine when I reboot, as I said). Something important I ommited before: the machine running DL boots from = a CD and loads etc.tar.bz2 from the floppy drive, it has no hard drive. Any clues? Thanks Gustavo Mensaje citado por Moray McConnachie <mmc...@ox...>: > Sorry, my mistake, didn't quite read it correctly. I see that you are=20 > updating the copy on the floppy (presumably in the archive file). Best = > would be to update the file on the server first (before updating on=20 > the floppy), then you can test it before you save it to the config.=20 > You can get it onto the server using scp, if your server is running=20 > ssh. Then you can run it using /etc/init.d/firewall.rules to test. > > Once it is on the server, you can save it (like your whole config)=20 > with save-config, or write it directly on the floppy the way you have = been. > > Yours, > Moray > > > ------------------------------------- > Moray McConnachie > IS Manager +44 1865 261 600 > Oxford Analytica http://www.oxan.com > > -----Original Message----- > From: Moray McConnachie > Sent: 06 June 2006 15:34 > To: 'dev...@li...' > Subject: RE: [Devil-Linux-discuss] fw question > > Yes, just run the rules using /etc/init.d/firewall.rules. > > M. > > > ------------------------------------- > Moray McConnachie > IS Manager +44 1865 261 600 > Oxford Analytica http://www.oxan.com > > -----Original Message----- > From: dev...@li... > [mailto:dev...@li...] On Behalf=20 > Of gro...@un... > Sent: 06 June 2006 15:30 > To: dev...@li... > Subject: [Devil-Linux-discuss] fw question > > Hi all! > I'm a really new user in DL world so I apologize if this is a dumb = question. > I configured it to use as a firewall with fwbuilder to generate rules. > I=B4ve installed fwbuilder in another machine which I use to compile = the=20 > rules and update /etc/init.d/firewall.rules in the floppy. Then I=20 > reboot the firewall so it loads the new configuration. The question=20 > is: is there a way I can reload the firewall's rules avoiding a = reboot? > Thank you very much > > Gustavo > > --------------------------------------------------------- > Este mensaje ha sido enviado desde WebMail UNR usando IMP > > > > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > > > > > > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > --------------------------------------------------------- Este mensaje ha sido enviado desde WebMail UNR usando IMP _______________________________________________ Devil-linux-discuss mailing list Dev...@li... https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss =20 |
