General :: Startup Script - Getting IPTables To Survive Reboot
Aug 22, 2010
I am trying to follow the info on Getting IPTables to survive a reboot. Everything works until I reboot but the script does not run when linux starts. The article says to create a script so ifupdown loads these rules on boot:
Code:
echo "#!/bin/sh" > /etc/network/if-up.d/iptables
echo "iptables-restore < /etc/firewall.conf" >> /etc/network/if-up.d/iptables
chmod +x /etc/network/if-up.d/iptables
It put what I think is a symlink in if-up.d, but iptables still does not survive reboot.
I installed CentOS 5.5. After install, I decided to put in 3 identical disks for RAID 5. All the disks are IDE disks. Then I put in a SATA disk and partitioned it to add another partition to the RAID 5 array. Everything worked fine until I rebooted my system. After reboot, the SATA partition I added into RAID 5 is showing as removed. I had to re-add it using "mdadm --add" to make the RAID 5 array work.
This is a new 9.10 installation. Screen resolution by default is 800x600. I've installed the 1.85 nvidia driver, which correctly identifies my monitor as a Samsung 931b (or whatever). Nvidia's GUI suggests 1280x1024, which is just what I want. When I try to save the changes to xorg.conf, I get a variety of errors, including (but not limited to) "...error parsing xorg.conf..". I've chmod'ed the X11 directory, and the xorg.conf* files in it, to 777. I end up with 1280x1024 until a reboot, after which I get 800x600 again (arrgg!).
Judging from the number of people posting here and in other places, this is common. Seems there would be a solution that works. Any suggestions?
Here is the current content of my xorg.conf file:
ebaxter@ebaxter-desktop:/etc/X11$ cat xorg.conf
# nvidia-settings: X configuration file generated by nvidia-settings
# nvidia-settings: version 1.0 (buildd@palmer) Sun Feb 1 20:21:04 UTC 2009
# nvidia-xconfig: X configuration file generated by nvidia-xconfig
# nvidia-xconfig: version 1.0 (buildmeister@builder63) Fri Aug 14 17:54:58 PDT 2009
I'm configuring an HP Mini 110 (wireless BCM4313) to use it as a small Access Point (ad-hoc mode).
I want to make my configuration reboot friendly. With what I have right now, as soon as I reboot the laptop, the wireless interface configuration isn't correctly setup. I have to do "ifdown eth1; ifup eth1" manually.
Here is what I have in /etc/network/interfaces for the wireless interface code...
So the question is how can I avoid having to bring down and up the interface?
I ran iptables save but on a server reboot it just loads the default firewall config. How can I get it to load and flush my custom iptables script on reboot?
I have set up a script in /etc/rc2.d to start up on reboot. The script needs to run on reboot using ID: abcdef. I placed an su - abcdef on top of the script and it didn't work. I tried the script manually running the script using root and my ID switched from root to abcdef and the script never ran. I am using Redhat 5.5
I have a strange problem with IpTables. After a server reboot, the complete rule list of iptables is empty. After a manual start, all my old rules are there again. I checked with chkconfig whether autostart of iptables is enabled:
chkconfig --list iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
I'm new to Fedora 11 and iptables, and I need to set the following set of instructions so VirtualBox can accept requests from the LAN to the mail server in the guest OS, but after restarting Fedora I have to input it all again. How can it become a permanent entry in iptables?
I am facing a strange problem with my iptables, as there are some firewall entries stored somewhere which display the below firewall entries even after flushing iptables, and when I restart the iptables service the firewall entries are again shown in my iptables as shown below,
I've got Xubuntu 11.04, VLC 1.1.9. I'm working on some kind of streaming server and I would like to start VLC stream at startup in case of PC reboot (for instance after blackout).
I've made a script to do that, added that script to init.d and used update-rc.d. VLC doesn't work correctly because of some network issue (host unreachable, cannot make raw udp socket) but the network and all its parts work correctly (for sure!!).
Is it possible for malware to survive a full reformat (i.e. dd /dev/zero,urandom,zero)? I'm for some reason worried that my Android-based phone, PS3, Xbox 360, routers, and/or TV can somehow be infected with malware as they were hooked up to my network. Is this possible? And does Factory Resetting or Hard Resetting clear all data on the device and reset it entirely? If so, how does that work? Is there a specific storage chip on the device that cannot be written to and only read for when a hard reset is requested?
I'm aware that this sounds outlandish but I've got a severe paranoia for some reason and would like peer advice on how to resolve this and get some peace of mind.
For some reason my disc I burned for ubuntu desktop 10.10 freezes when I get to the ubuntu logo with the 5 dots. I am able to install ubuntu server just fine.
I tried to install desktop on top of server using sudo aptitude install ubuntu-desktop and then whenever I reboot it freezes during startup.
I think it might be my swap partition. I recall seeing a blip of an error talking about "press C to skip or M to start maintenance" or something like that. It never stayed on the screen long enough for me to read it.
I am using sda1 as /, which is a bootable drive. I do not know if my problem is that I did not create a /boot drive. After removing the ISO DVD, I tried to reboot and I get this back: "-bash: /sbin/reboot: input/output error". Then it returns me to the terminal prompt.
I've tried iptables save, iptables-save and iptables save active.
"iptables save" and "iptables save active" give me an invalid argument error. "iptables-save" isn't a valid command. "iptables --help" gives me a list of valid switches, none of which have to do with saving.
I am unable to restore my iptables from iptables-save after upgrading Fedora. I cannot get iptables-restore to work, and I have resorted to entering rules manually using the GUI.
I recently installed a new Ubuntu PC that runs iptables and PSAD. I had the same script on another Ubuntu PC, but when I copied the script onto the new PC, I got this error. I don't remember where I found the tutorial for this, all I know is that this is the script (Edited for my usage):
Code:
#!/bin/bash
# Script to check important ports on remote webserver
# Copyright (c) 2009 blogama.org
# This script is licensed under GNU GPL version 2.0 or above
root@NETWORK-SERVER:/var/ddosprotect# ./ipblock.sh
' not found.4.4: host/network `127.0.0.1
Try `iptables -h' or 'iptables --help' for more information.
' not found.4.4: host/network `192.168.1.8
To expand: I'm trying to set up a box with l7-filter, and I need to patch and compile iptables 1.4.1.1 as part of the process. I ./configured it with the prefix= argument so it would install into /sbin instead of /usr/sbin, and I did a yum remove iptables before installing it so as not to get in the way of the original iptables, but I'm wondering if this is really necessary - it's kind of annoying, because removing the original iptables removes the init.d script, deregisters the service, etc. If I don't, is it possible that iptables 1.4.1.1 might get overwritten in a system update or something, or will yum see that I've got a custom/newer version in there and leave it be?
Further to this LQ thread, which Tinkster solved by suggesting the last command (thanks Tinkster), I have been exploring last -x reboot and have found that the reported duration is incorrect for the last reboot and shutdown when an old wtmp file is used. Not having a record for the following shutdown, last assumes that the system has been up until the current time, and similarly for the shutdown.
The output comes in time order, latest first, each line showing the time of the reboot and the uptime from then to shutdown. Using last -x reboot shutdown to show the shutdown time, here's an illustration
Code:
shutdown system down 2.6.29.6-smp Sun Mar 7 15:35 - 03:02 (11:27)
reboot system boot 2.6.29.6-smp Sun Mar 7 09:35 (05:59)
09:35 until 15:35 is 05:59.
When the uptime exceeds 24 hours it is shown as (<days>+<hours>:<minutes>) like this
Code:
shutdown system down 2.6.29.6-smp Sun Feb 21 12:39 - 13:20 (00:40)
reboot system boot 2.6.29.6-smp Sat Feb 20 09:39 (1+02:59)
09:39 until 12:39 the next day is 1 day 02:59.
The time in parentheses at the end of the shutdown lines is normally the time until the next shutdown.
So far so good. The incorrect output is for the last reboot and shutdown of an old wtmp file. Here's the output of last /var/log/wtmp -x reboot shutdown; last -f /var/log/wtmp.1 -x reboot shutdown
Code:
[snip]
reboot system boot 2.6.29.6-smp Fri Mar 12 07:42 (01:54)
shutdown system down 2.6.29.6-smp Fri Mar 12 01:31 - 09:37 (08:05)
wtmp begins Thu Mar 11 08:25:26 2010
[snip]
reboot system boot 2.6.29.6-smp Wed Mar 10 14:12 (15+01:42)
shutdown system down 2.6.29.6-smp Wed Mar 10 12:41 - 15:54 (15+03:13)
[snip]
The boot started at "Wed Mar 10 14:12" which had an actual uptime of 1 day 11:20 is reported as 15 days 03:13 which is the time from then until the last -f /var/log/wtmp.1 -x reboot shutdown command was issued. The time from shutdown to shutdown is similarly affected.
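An added example, not part of the original post and not the source of last: a small model of the behaviour described above, showing why a boot record in a rotated wtmp file gets an inflated uptime and how merging the files before computing durations closes the interval. The records are constructed from the timestamps quoted in the post (year 2010, minute resolution), and NOW is an assumption derived from the reported 15+01:42.

```python
from datetime import datetime

FMT = "%Y-%m-%d %H:%M"

def rec(kind, ts):
    """Build one (record type, timestamp) pair."""
    return (kind, datetime.strptime(ts, FMT))

# Constructed records, modelled on the output quoted in the post.
WTMP_1 = [rec("shutdown", "2010-03-10 12:41"), rec("boot", "2010-03-10 14:12")]
WTMP = [rec("shutdown", "2010-03-12 01:31"), rec("boot", "2010-03-12 07:42")]
# Assumed time the command was run: 14:12 plus the reported 15+01:42.
NOW = datetime(2010, 3, 25, 15, 54)

def fmt(delta):
    """Render a duration as HH:MM, or days+HH:MM past 24 hours."""
    minutes = int(delta.total_seconds()) // 60
    days, rem = divmod(minutes, 1440)
    hhmm = f"{rem // 60:02d}:{rem % 60:02d}"
    return f"{days}+{hhmm}" if days else hhmm

def boot_uptimes(records, now):
    """Map each boot time to (uptime, closed).

    The interval ends at the next record in the input. closed is False
    when no later record exists and `now` had to be used as the end.
    """
    ordered = sorted(records, key=lambda r: r[1])
    result = {}
    for i, (kind, when) in enumerate(ordered):
        if kind != "boot":
            continue
        closed = i + 1 < len(ordered)
        end = ordered[i + 1][1] if closed else now
        result[when] = (fmt(end - when), closed)
    return result

if __name__ == "__main__":
    boot = datetime(2010, 3, 10, 14, 12)
    # Rotated file alone: no following record, so the interval runs to NOW.
    print("wtmp.1 alone:", boot_uptimes(WTMP_1, NOW)[boot])
    # Both files merged: the shutdown in the newer file closes the interval.
    print("merged      :", boot_uptimes(WTMP_1 + WTMP, NOW)[boot])
```

When building a boot and shutdown timeline from rotated wtmp files, treat any interval flagged as not closed as unknown rather than as real uptime.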
I need to use hostnames in my iptables. When I go to restart iptables, it works fine, but when I am rebooting the Linux server it fails during startup since the name service is started up after iptables. Does anybody have recommendations to get around that? Should I set up a script to run iptables after the server comes back up fully?