FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 02-07-2010, 04:22 AM
Daniel Dalton
 
Default firewall on laptop

Hi,

What is the best way to run a firewall script with lots of iptables
lines in it when a connection is put up? Eg. when I connect to ethernet
or wifi the script should run. If I'm offline then it shouldn't run. I'm
using wicd to manage all my wifi connections. Is it possible to get
this script to run every time I connect to a wifi network?

Thanks,
Dan


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-07-2010, 06:20 AM
Stan Hoeppner
 
Default firewall on laptop

Daniel Dalton put forth on 2/6/2010 11:22 PM:

> If I'm offline then it shouldn't run.

Why? Does it hurt anything to have the rules active when you're not connected?
I can't see how it would. All the rules do is cause the kernel to eat up a
small amount of additional memory. Iptables rules are kernel data structures,
not programs. Netfilter is part of the kernel. Iptables rules merely program
the behavior of Netfilter.

Just run your iptables script at startup and forget about it. Or, are you
having some kind of problem that you think this up/down/up/down/up/down of your
iptables rules will solve?

--
Stan


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 02-07-2010, 06:26 AM
Umarzuki Mochlis
 
Default firewall on laptop

2010/2/7 Stan Hoeppner <stan@hardwarefreak.com>

Daniel Dalton put forth on 2/6/2010 11:22 PM:



> If I'm offline then it shouldn't run.



Why? *Does it hurt anything to have the rules active when you're not connected?

*I can't see how it would. *All the rules do is cause the kernel to eat up a

small amount of additional memory. *Iptables rules are kernel data structures,

not programs. *Netfilter is part of the kernel. *Iptables rules merely program

the behavior of Netfilter.



Just run your iptables script at startup and forget about it. *Or, are you

having some kind of problem that you think this up/down/up/down/up/down of your

iptables rules will solve?

firestarter (GUI for iptables) would not start when the main interface had been set up to go out the internet is inactive/not connected*



--

Stan





--

To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org

with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org





--
Regards,

Umarzuki Mochlis
http://debmal.my
 
Old 02-07-2010, 11:24 AM
Liam O'Toole
 
Default firewall on laptop

On 2010-02-07, Daniel Dalton <d.dalton@iinet.net.au> wrote:
> Hi,
>
> What is the best way to run a firewall script with lots of iptables
> lines in it when a connection is put up? Eg. when I connect to ethernet
> or wifi the script should run. If I'm offline then it shouldn't run. I'm
> using wicd to manage all my wifi connections. Is it possible to get
> this script to run every time I connect to a wifi network?
>
> Thanks,
> Dan
>
>

wicd allows you to define a script for each network. See the
'beforescript' and 'afterscipt' properties in the file
/etc/wicd/wireless-settings.conf.

For a more general solution, you could place scripts in the directories
/etc/network/if-up.d/ and /etc/network/if-down.d/. See the existing
scripts in those directories for examples.

--
Liam O'Toole
Birmingham, United Kingdom



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 12:55 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org