creating new script to be called in rc.local

[pauhn]

I'm trying to write a simple script that will loop through certain commands at startup. I thought it'd be something like:

Code:

while true do;
iptables –F INPUT
iptables –F OUTPUT
iptables –F FORWARD
iptables –F –t nat
echo 1 > /proc/sys/net/ipv4/ip_forward
done

But, it gets hung up right away. How do I get this to work right?

[atreyu]

You don't want to run that, it is an eternal loop!

Okay,

That won't run b/c of a syntax error. You said:

Code:

while true do;

but what you want is:

Code:

while :; do

but like I said, you don't want to do that in a loop. You'd just do the iptables commands themselves.

If this is a Red Hat-ish system, you probably want to do this with /etc/sysconfig/iptables and the iptables-save command though.

[pauhn]

eternal loops are bad. How do I stop that from happening?

[atreyu]

Code:

#!/bin/bash
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -F -t nat
echo 1 > /proc/sys/net/ipv4/ip_forward

[pauhn]

this is a centos box.

I was told that I can write a script with these commands to enable my system to route after startup. saving the script to rc.d and have the system call them in rc.local

[atreyu]

That code will execute if you put it in rc.local, or call a script containing it from rc.local, true.

I'm just saying that RHEL (and thus CentOS) have engineered a firewall into the system, that it would behoove you to use. You can use the service and chkconfig commands to control it, and a GUI tool (depending on your version - what is it, btw?), and special commands to modify the configuration of it.

[pauhn]

version is centos 5.5, I was just messing around with the firewall, as I've been reading a few articles on creating one yourself via CLI

[atreyu]

Fair enough, just be aware that doing it that way is not the cleanest way to do it. Just do a little reading in the documentation and familiarize yourself with the iptables-save command and the /etc/sysconfig/iptables config file (it will look somewhat like the script you posted).

Here is a good bit from the RHEL 5 Deployment Guide on firewalls.

[pauhn]

thanks for the help. I always hope that you find my posts

[pauhn]

now I have come across a curious problem. I'm trying to call the script from rc.local. I put in the lines

Code:

#call firewall
./firewall

both scripts are in rc.d but when I reboot, rc.local does not call my script.