[Server-devel] iptables generation (was Re: pppd restarting mysteriously)
Joshua N Pritikin
jpritikin at pobox.com
Tue Aug 11 02:15:15 EDT 2009

On Mon, Aug 10, 2009 at 08:55:55PM +0200, Martin Langhoff wrote:
> On Fri, Aug 7, 2009 at 2:15 PM, Joshua N Pritikin<jpritikin at pobox.com> wrote:
> > Here is the script I promised Martin.
>
> Right - thanks for that! I assume it works well and it's been tested
> for normal and ppp0 connectivity over there. How do you trigger it?

/etc/init.d/iptables sets IPTABLES_CONFIG to
/etc/sysconfig/iptables-config and runs it.

I'm not sure what /etc/sysconfig/iptables-config.in is for. It seems to
be ignored.

> Can you load the ruleset even if ppp0 is down?

Yes.

> I am wondering -- do we want local admin teams to be able to add
> rules relatively easily, in normal iptables syntax (meaning they can
> copy rules from books and howtos)? If so, a template to run through
> 'sed' might work better?
>
> What do you think?

See my attempt, attached.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Automate-iptable-rules-generation.patch
Type: text/x-diff
Size: 0 bytes
Desc: not available
Url : http://lists.laptop.org/pipermail/server-devel/attachments/20090811/483115a8/attachment.patch