Koozali.org: home of the SME Server

save firewall rules

commanda
save firewall rules
« on: April 04, 2004, 06:15:11 AM »
SME 6.0 final using iptables.
I've added some firewall rules for lan to lan pptp from the sme box to a network behind a windows 2000 server.

I'm adding the rules from the command line using
# iptables --insert (etc)
and everything's fine, I then save it using
# service iptables save
which it reports as
Saving current rules to /etc/sysconfig/iptables:  [OK ]

but the new rules don't survive a reboot.

What's the correct procedure to save the firewall rules?

Amanda
...

bobk

Re: save firewall rules
« Reply #1 on: April 04, 2004, 06:38:38 AM »
Quote from: "commanda"
What's the correct procedure to save the firewall rules?

Amanda


Do a search using "iptable rules".

Try this HowTo

http://no.longer.valid/phpwiki/index.php/How%20To%20SME-Masq-manager

The template fragments for iptables are located at /etc/e-smith/templates/etc/rc.d/masq/

You will need to create a custom template fragment in /etc/e-smith/templates-custom/etc/rc.d/masq/ for your additions/changes to survive an update.

For more information on custom template fragments do a search using 'templating'.

RavenIV

save firewall rules
« Reply #2 on: April 05, 2004, 01:54:56 AM »
Most of the settings in SME are located in templates.
These templates are extracted to the conf-files at boot time or at specific events.
You must implement your changes into some templates as described in the post before...

cheers klaus

commanda
save firewall rules
« Reply #3 on: April 06, 2004, 07:49:03 AM »
Quote from: "RavenIV"
Most of the settings in SME are located in templates.
These templates are extracted to the conf-files at boot time or at specific events.
You must implement your changes into some templates as described in the post before...

cheers klaus


Yes I know this, but......
I'm no firewall guru, and there's over 70 different files in that templates directory. I wouldn't know where to start.

So I cheated. I put my half dozen lines of
iptables insert ....
into a script file, and put a call to it at the end of rc.local.

Works for me.

Thanks.

Amanda
...

bobk

save firewall rules
« Reply #4 on: April 06, 2004, 11:46:14 PM »
Quote from: "commanda"
......
I'm no firewall guru, and there's over 70 different files in that templates directory. I wouldn't know where to start...


commanda

Which fragment you use depends on where in the final file you want your additions/changes to end up. The number at the beginning of the fragment name determines its content's position in the file when the template is expanded. Look through the file and locate where you want your additions to appear, then locate the fragment that contains the content close to where you want yours. Copy the fragment to "templates-custom" and edit in your additions.

If all you need to do is tack your additions onto the end of the final file then create a new fragment in the proper directory structure of "templates-custom". The name of the new fragment should begin with a number higher than any of the others, put your code in, expand the template and restart the service. Couldn't be much simpler than that.
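The "new fragment numbered higher than any of the others" step from Reply #4, as an added example that is not part of the thread or of SME Server itself: shell helpers that pick a fragment name sorting last, write the fragment under templates-custom, and list the resulting fragment order. `TEMPLATE_ROOT`, the fragment label and the sample rule are assumptions, as is the two-digit, string-sorted prefix convention.

```shell
# Added example, not from the thread. Directory names are those quoted in the
# thread; TEMPLATE_ROOT (hypothetical) points the functions at a scratch tree.
TEMPLATE_ROOT="${TEMPLATE_ROOT:-}"
STOCK_REL="etc/e-smith/templates/etc/rc.d/masq"
CUSTOM_REL="etc/e-smith/templates-custom/etc/rc.d/masq"

# Highest numeric prefix used by any stock or custom fragment.
highest_prefix() {
    max=0
    for f in "$TEMPLATE_ROOT/$STOCK_REL"/* "$TEMPLATE_ROOT/$CUSTOM_REL"/*; do
        [ -f "$f" ] || continue
        # Strip leading zeros so "08rules" is read as 8, not as bad octal.
        n=$(basename "$f" | sed -n 's/^0*\([0-9][0-9]*\).*/\1/p')
        if [ -n "$n" ] && [ "$n" -gt "$max" ]; then max=$n; fi
    done
    echo "$max"
}

# Name that sorts after every existing fragment. Assumes two-digit prefixes
# ordered as strings, where "100x" would sort before "99x": never add a digit.
next_fragment_name() {
    next=$(( $(highest_prefix) + 1 ))
    if [ "$next" -gt 99 ]; then
        echo "no two-digit prefix left above $((next - 1))" >&2
        return 1
    fi
    printf '%02d%s\n' "$next" "$1"
}

# Write stdin as a new custom fragment and print the name it was given.
install_fragment() {
    name=$(next_fragment_name "$1") || return 1
    mkdir -p "$TEMPLATE_ROOT/$CUSTOM_REL"
    cat > "$TEMPLATE_ROOT/$CUSTOM_REL/$name"
    echo "$name"
}

# Fragment names in expansion order (assumption: a custom file replaces a
# stock file of the same name, so each name is listed once).
expansion_order() {
    for f in "$TEMPLATE_ROOT/$STOCK_REL"/* "$TEMPLATE_ROOT/$CUSTOM_REL"/*; do
        if [ -f "$f" ]; then basename "$f"; fi
    done | LC_ALL=C sort -u
}

# Constructed usage (rule and label are samples, 192.0.2.10 is a doc address):
#   echo '/sbin/iptables --insert INPUT -p 47 -s 192.0.2.10 -j ACCEPT' \
#       | install_fragment pptpLan2Lan && expansion_order | tail -n 1
```

After the fragment is in place, expand the template and restart the service as Reply #4 says; the thread does not give those commands, so they are not shown here.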

commanda
save firewall rules
« Reply #5 on: April 07, 2004, 12:11:40 AM »
Amazing how simple some things are in the cool light of day. I gotta get out more & clear my head.
Might take a small holiday when this project's finished.

Thanks.

Amanda
...