Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
Re: AW: [suse-security] Loading firewall script on boot time
  • From: Andy Bennett <andy@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Wed, 30 Jul 2003 15:43:43 +0100
  • Message-id: <200307301543.43503.andy@xxxxxxxxxxxxxxxxxxxxx>

No problem...

Regarding the point in question, though, can I just enquire why Knut is
'cooking his own' script rather than using the SuSEfirewall and custom-script
route. It's pretty flexible and you don't need to worry about how to
start/stop them.


On Wednesday 30 July 2003 13:17, Maxim Cherniavsky wrote:
> Andy Bennett wrote:
> >Hi,
> >
> >Isn't this what the yast runlevel editor does for you??
> Linux makes people lazy :)
> Linux boot system is like classical System V, which consist of
> directrories rc1.d, rc2.d ... (run levels)
> where you have scripts which begins with "Snn" (statrup script) and
> "Knn" (kill script)
> In case of firewall i think the good way to start it after the network is
> up /etc/init.d/rc3.d/S05network start
> P.S. I did not mean to offend anybody in any way :)
> >Andy
> >
> >On Wednesday 30 July 2003 11:14, Ulrich Roth wrote:
> >>Hi, Knut Erik,
> >>
> >>>Why is my fwscript not loaded at boot time? When i do these steps
> >>>manually, it will work.
> >>
> >>You should put your script into /etc/rc.d. Then you have to
> >>create a symbolic link in /etc/rc.d/rcX.d which points to your script.
> >>X is the number of your default runlevel. If you don't know your default
> >>runlevel, you can have a look at /etc/inittab. There it is defined.
> >>The name of the link should begin with S and a high number, e.g.
> >>S99, because it should be the last script to be executed.
> >>But take care if you install any additional packets afterwards.
> >>The system will compute the sequence of the startup scripts
> >>again, and your script will then start with S00. This is because
> >>some info in your script is missing which tells the system, namely
> >>the program insserv, which other scripts/services/daemons have
> >>to be started before. I haven't gone very deep into this subject yet.
> >>If the SuSE guys have additional info, I appreciate it.
> >>Bye
> >> Uli

< Previous Next >