Joe Morris (NTM) wrote:
On 09/20/2003 05:17 PM, Guy Zelck wrote:
What is the advised way of activating the ruleset made by fwbuilder on boot-up? Redhad & Mandrake have an init.d script called iptables which could picks this ruleset file up and configures iptables.
I know there's firewall2 on SuSE but could it be used for this task. I think not.
My advice would be to edit the /etc/sysconfig/SuSEfirewall2 config file, and use firewall2. It is a very good iptables script, and the config file is very well commented. This is the easiest, and it is well tested.
Easier is using the GUI fwbuilder provides. Well-known products like Checkpoint's FW1 have a GUI too.
You could use Yast, which has greatly improved as far as this is concerned, but I prefer to read all the comments while using an editor, which help to get a feel for how things interact. If you already have some iptables experience, and need to customize it further, you can add your own rules in a separate file, referenced at the end. HTH.
I had a look at the SuSEfirewall2 config file and you can call a script at the end but that file needs to use pre-defined function blocks. The trouble with manual editing is the learning curve and te fact that typos can breake the setup. From what I've seen I can only conclude that I'll have to port the iptables script to SuSE and use that. Thanks, Guy.