From: Tom E. <te...@sh...> - 2006-03-27 16:05:48
On Monday 27 March 2006 07:35, Ray Booysen wrote:
> Hi all
>
> I need to run some iptables commands after shorewall has started. I see
> /etc/shorewall/start and /etc/shorewall/started and I'm not positive on
> the difference.
> I am running 2.4.2 (hopefully upgrading on the weekend)

/etc/shorewall/start is run before Shorewall enters the running
state. /etc/shorewall/started is run after it enters the running state.

In /etc/shorewall/start, you may use the "run_iptables" function to run your
iptables commands -- if a command fails, the firewall will be restored (if
there is a current restore script) or stopped.

In /etc/shorewall/started, the firewall is already started so you can
run /sbin/shorewall commands like "add" (provided that you use the "nolock"
option).

-Tom
--
Tom Eastep      \ Nothing is foolproof to a sufficiently talented fool
Shoreline,      \ http://shorewall.net
Washington USA  \ te...@sh...
PGP Public Key  \ https://lists.shorewall.net/teastep.pgp.key