Re: [Shorewall-users] IPTables commands

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Monday 27 March 2006 07:35, Ray Booysen wrote:
> Hi all
>
> I need to run some iptables commands after shorewall has started.  I see
> /etc/shorewall/start and /etc/shorewall/started and I'm not positive on
> the difference.
> I am running 2.4.2 (hopefully upgrading on the weekend)

/etc/shorewall/start is run before Shorewall enters the running=20
state. /etc/shorewall/started is run after in enters the running state.

In /etc/shorewall/start, you may use the "run_iptables" function to run you=
r=20
iptables commands -- if a command fails, the firewall will be restored (if=
=20
there is a current restore script) or stopped.

In /etc/shorewall/started, the firewall is already started so you can=20
run /sbin/shorewall commands like "add" (provided that you use the "nolock"=
=20
option).

=2DTom
=2D-=20
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ te...@sh...
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key