Linux Archive

Daniel Dalton 02-07-2010 04:22 AM

firewall on laptop
 
Hi,

What is the best way to run a firewall script with lots of iptables
lines in it when a connection is put up? Eg. when I connect to ethernet
or wifi the script should run. If I'm offline then it shouldn't run. I'm
using wicd to manage all my wifi connections. Is it possible to get
this script to run every time I connect to a wifi network?

Thanks,
Dan


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Stan Hoeppner 02-07-2010 06:20 AM

firewall on laptop
 
Daniel Dalton put forth on 2/6/2010 11:22 PM:

> If I'm offline then it shouldn't run.

Why? Does it hurt anything to have the rules active when you're not connected?
I can't see how it would. All the rules do is cause the kernel to eat up a
small amount of additional memory. Iptables rules are kernel data structures,
not programs. Netfilter is part of the kernel. Iptables rules merely program
the behavior of Netfilter.

Just run your iptables script at startup and forget about it. Or, are you
having some kind of problem that you think this up/down/up/down/up/down of your
iptables rules will solve?

--
Stan



Umarzuki Mochlis 02-07-2010 06:26 AM

firewall on laptop
 
2010/2/7 Stan Hoeppner <stan@hardwarefreak.com>

> Daniel Dalton put forth on 2/6/2010 11:22 PM:
>
>> If I'm offline then it shouldn't run.
>
> Why? Does it hurt anything to have the rules active when you're not connected?
> I can't see how it would. All the rules do is cause the kernel to eat up a
> small amount of additional memory. Iptables rules are kernel data structures,
> not programs. Netfilter is part of the kernel. Iptables rules merely program
> the behavior of Netfilter.
>
> Just run your iptables script at startup and forget about it. Or, are you
> having some kind of problem that you think this up/down/up/down/up/down of your
> iptables rules will solve?

firestarter (GUI for iptables) would not start when the main interface that had
been set up to go out to the internet is inactive/not connected

> --
> Stan

--
Regards,
Umarzuki Mochlis
http://debmal.my

Liam O'Toole 02-07-2010 11:24 AM

firewall on laptop
 
On 2010-02-07, Daniel Dalton <d.dalton@iinet.net.au> wrote:
> Hi,
>
> What is the best way to run a firewall script with lots of iptables
> lines in it when a connection is put up? Eg. when I connect to ethernet
> or wifi the script should run. If I'm offline then it shouldn't run. I'm
> using wicd to manage all my wifi connections. Is it possible to get
> this script to run every time I connect to a wifi network?
>
> Thanks,
> Dan
>
>

wicd allows you to define a script for each network. See the
'beforescript' and 'afterscript' properties in the file
/etc/wicd/wireless-settings.conf.

For a more general solution, you could place scripts in the directories
/etc/network/if-up.d/ and /etc/network/if-down.d/. See the existing
scripts in those directories for examples.

--
Liam O'Toole
Birmingham, United Kingdom
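
A hook of the kind the reply above points to, as an added example that is not part of the original thread. The script name (00-firewall) and the rules file /etc/iptables.rules (in iptables-save format) are assumptions; IFACE, MODE and ADDRFAM are the variables ifupdown exports to hook scripts.

```shell
#!/bin/sh
# Added example: hook for /etc/network/if-up.d/ (hypothetical name: 00-firewall).
# ifupdown runs every executable in that directory and passes the interface
# details in environment variables (see interfaces(5)).

# Assumption: ruleset saved beforehand with `iptables-save > /etc/iptables.rules`.
RULES_FILE="${RULES_FILE:-/etc/iptables.rules}"

# Decide whether this hook invocation should load the ruleset.
# $1 = IFACE, $2 = MODE (start|stop), $3 = ADDRFAM (inet, inet6, ...)
should_load_rules() {
    [ "$2" = "start" ] || return 1      # only when an interface comes up
    [ "$3" = "inet" ]  || return 1      # iptables covers IPv4 only
    case "$1" in
        lo|--all) return 1 ;;           # skip loopback and the "ifup -a" pass
    esac
    return 0
}

# Load the whole ruleset in one step; --test parses it first so a syntax
# error leaves the currently active rules in place.
load_rules() {
    [ -r "$RULES_FILE" ] || { echo "firewall: $RULES_FILE missing" >&2; return 1; }
    iptables-restore --test < "$RULES_FILE" || return 1
    iptables-restore < "$RULES_FILE"
}

# Act only when called by ifupdown (IFACE is set); running the file by hand
# without IFACE does nothing.
if [ -n "${IFACE:-}" ]; then
    if should_load_rules "$IFACE" "${MODE:-}" "${ADDRFAM:-}"; then
        load_rules || logger -t firewall "failed to load $RULES_FILE on $IFACE"
    fi
fi
```

The script must be executable and owned by root; because it reloads a complete saved ruleset, running it again on every reconnect does not stack duplicate rules.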




