Forum Rules - Formats - Spotlights  -  Home - Library - New Additions

Need help with iptables in Linux

TCPMetaTCPMeta
edited September 2014 in Software
I'm retireing my Linksys and turning a P4 I brought home into a simple network gateway.
I'm running Debian Lenny 5.10, don't ask I have my reasons for that version. I'm having issues on getting iptables to reload the rules file I created. Would it be fine if I loaded it on the /etc/rc.local file or should I create a init script?

Comments

  • KirkKirk
    I actually have routers like this. What I generally do is make a script like "firewall.sh" which purges all of the iptables rules and then applies my firewall and NAT rules from scratch. I cron this script @reboot.

    This way, if I want to add another port forward, change a rule, etc, it's as easy as just updating the script and rerunning it by hand. The rule will always be applied in the future.

    Another common way to do it is to set your iptables how you want it, then run iptables-save. I like the script approach, for the reasons I outline above.

    If you need any help getting the rules working how you want, let me know and I'd be happy to share some of my commands and insights with you.
  • BlueSunBlueSun
    I usually load my iptables in /etc/network/interfaces. I don't know why, that's just how I've always done it. I have a file generated by iptables-save and I load it with iptables-restore
  • stitchstitch
    apt-get install iptables-persistent and then the default /etc/init.d/iptables save script works.
  • calvinbcalvinb
    Lenny's repos are gone though. Oldstable (squeeze) is old as you get without pulling from archives.

    btw lenny today is a stupid idea
  • TCPMetaTCPMeta
    I finally got fed up with IPTables and tossed on a different one. I compiled ufw from ubuntu , was a pain in the rump but I got it working.

    Not all of Lenny's repos are gone. Found a third party site that has a mirror including backports-sloppy. Lenny isn't bad to use. Just have to compile the latest fixes by hand instead of using aptitude.
  • calvinbcalvinb
    Ok, but seriously, why?
  • TCPMetaTCPMeta
    Hardware reasons.
  • calvinbcalvinb
    Bullshit, I ran wheezy on a P3 500. It has 486 kernels available.
  • TCPMetaTCPMeta
    not if some hardware I require uses 3rd party drivers that haven't been updated since lenny.
  • stitchstitch
    What's the hardware in question?
  • TCPMetaTCPMeta
    I finally found a way to get the drivers working in squeeze.

    It's for a Dial-up data/fax/voice modem so I can send faxes and also use it for a custom voice mail service for my PBX.
  • JoshJosh
    Out of curiosity what kind of PBX and what type of transport is providing dial tone to your PBX?
Sign In or Register to comment.