Thanks for reading this. I'm having a problem with a Red Hat 6.2 startup script, and would appreciate help from the group.

Here's what I know:

1. This script is being executed during non-interactive startup (confirmed with debug statements)
2. When it runs during startup, it does things very differently than when it's run from the command line.
3. Nothing else changes: startup vs. command line, same options, files, etc.

Here's the relevant portion of the script: it's in the ipchains firewall rule setup /etc/rc.d/init.d/ipchains -

    case "$1" in
      start)
        # don't do squat if we don't have the config file
        if [ -f $IPCHAINS_CONFIG ]; then
            # If we don't clear these first, we might be adding to
            # pre-existing rules.
            action "Flushing all current rules and user defined chains:" ipchains -F
            action "Clearing all current rules and user defined chains:" ipchains -X
            ipchains -Z
            echo -n "Applying ipchains firewall rules: "
            grep -v "^#" $IPCHAINS_CONFIG | ipchains-restore -p -f && \
                success "Applying ipchains firewall rules" || \
                failure "Applying ipchains firewall rules"
            echo
            touch /var/lock/subsys/ipchains
        fi
        ;;

(remember, I've confirmed that this is being executed during startup)

Here's the rule set after the above runs during setup:

    Chain input (policy DENY):
    target     prot opt     source           destination      ports
    ACCEPT     udp  ------  0.0.0.0/0        0.0.0.0/0        68 -> 67
    Chain forward (policy DENY):
    target     prot opt     source           destination      ports
    MASQ       all  ------  192.168.0.0/24   0.0.0.0/0        n/a
    Chain output (policy ACCEPT):

Now, this is NOT what I wanted.
But, when I execute

    /etc/rc.d/init.d/ipchains start

from the command line, I get this ruleset:

    Chain input (policy DENY):
    target     prot opt     source           destination      ports
    ACCEPT     udp  ------  24.91.0.0/24     0.0.0.0/0        53 -> *
    ACCEPT     udp  ------  24.128.1.80      0.0.0.0/0        53 -> *
    ACCEPT     udp  ------  24.128.60.0/28   0.0.0.0/0        53 -> *
    ACCEPT     all  ------  0.0.0.0/0        0.0.0.0/0        n/a
    ACCEPT     all  ------  0.0.0.0/0        0.0.0.0/0        n/a
    ACCEPT     tcp  !y----  0.0.0.0/0        0.0.0.0/0        * -> *
    ACCEPT     icmp ------  0.0.0.0/0        0.0.0.0/0        * -> *
    Chain forward (policy DENY):
    target     prot opt     source           destination      ports
    MASQ       all  ------  192.168.0.0/24   0.0.0.0/0        n/a
    Chain output (policy ACCEPT):
    ...

Which ** IS ** what I wanted.

All help welcome. TIA.

Bill Horne

-
Subscription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).