On Wed, 20 Mar 2002, Evan Montgomery-Recht wrote:
Basically I'm using SuSE 7.3 Pro, and I want to save the Firewall2 rules so that on boot-up these rules are used. Unfortunately I'm not quite sure what has to <snip> Here's the commands.
iptables -N block_outside
iptables -A block_outside -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A block_outside -m state --state NEW -i eth1 -j ACCEPT
iptables -A block_outside -j DROP
iptables -A INPUT -j block_outside
iptables -A FORWARD -j block_outside
Are you new to Unix/Linux administration? Welcome ...

I think there are 3 reasonable alternative answers to your question, take your pick from below, but take a look at section 8.1 in the SuSE Network Manual (

1. there is a simple ruleset built-in to SuSE Linux ... the way to activate it on each boot was recently mentioned on this list ... configure your system using yast2 or yast, and set the variable
   REJECT_ALL_INCOMING_CONNECTIONS="yes"
   yast automatically stores this in the file /etc/rc.config.d/security.rc.config for use each time the network starts up
   This tool is called SuSE Personal Firewall (package personal-firewall)

2. If you like your own iptables commands it is easy to customize the SuSE boot sequence (in 7.3 this matches the Linux Standards Based standard)
   Simplest is to add them to the end of the file /etc/init.d/boot.local if they are ok to run before the network starts.
   Otherwise Read The Fine Manuals on the "SuSE boot concept". It is covered in the Reference Manual, with a terse description of customization in 'man insserv'. The boot concept was designed by Linux wizards but is easily useable by mortals like me.

3. Install the susefirewall or firewall2 package.
   - it is very sophisticated and should meet your needs if you properly edit the configuration file, found in the directory: /etc/rc.config.d/
   If you can't get it to do what you want, you could get it to include your own script of custom rules by following the directions in the configuration file.

Hope this helps,
dproc
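One way to package option 2, as an added example that is not part of the original thread: the quoted rules wrapped in a function that is safe to run more than once, so a second run from boot.local or by hand does not stack duplicate jumps in INPUT and FORWARD. The function name, the IPT and INSIDE_IF variables and the "start" argument are assumptions made for this sketch.

```sh
#!/bin/sh
# Added example: re-runnable loader for the block_outside rules quoted above.
# IPT and INSIDE_IF are hypothetical knobs, not SuSE settings.
IPT="${IPT:-iptables}"
INSIDE_IF="${INSIDE_IF:-eth1}"   # interface the quoted rules accept NEW connections on

load_block_outside() {
    # First run: -N creates the chain. Re-run: -N fails, so flush the old rules.
    # While the chain is empty, packets fall through to the built-in chain policy.
    $IPT -N block_outside 2>/dev/null || $IPT -F block_outside || return 1

    # Same three rules as in the post, in the same order.
    $IPT -A block_outside -m state --state ESTABLISHED,RELATED -j ACCEPT || return 1
    $IPT -A block_outside -m state --state NEW -i "$INSIDE_IF" -j ACCEPT || return 1
    $IPT -A block_outside -j DROP || return 1

    for chain in INPUT FORWARD; do
        # -D removes one matching rule per call; loop until none are left,
        # then add a single jump so each built-in chain has exactly one.
        while $IPT -D "$chain" -j block_outside 2>/dev/null; do :; done
        $IPT -A "$chain" -j block_outside || return 1
    done
}

# Only touch the firewall when asked to, e.g. "<this script> start" as the
# last line of /etc/init.d/boot.local; sourcing the file just defines the function.
case "${1:-}" in
    start) load_block_outside || { echo "block_outside: load failed" >&2; exit 1; } ;;
esac
```

Run `iptables -L -n -v` afterwards to confirm that INPUT and FORWARD each contain one jump to block_outside.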