[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] ipchains adding to rc.local
- Subject: Re: [cobalt-security] ipchains adding to rc.local
- From: "R. Hamburg" <cobalt@xxxxxxx>
- Date: Wed, 25 Jul 2001 19:33:48 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
>
> "fi" tells the shell-parser that here ends the block of an "if" rule
> statement.
>
> In other words, after a fi, all lines will be executed, no matter what.
> (unless there's a new if)
>
> In short, either write it in the very begining, or the very start. No fi's
> needed.
>
> Also a nice idea, is to create a file, say "customcommands" in /etc, chmod
> 700 it, and call it from rc.local. then you put all the things you want on
> boot on that file, and you don't touch rc.local too much. That's only a
> suggestion, though.
>
> ( i mean a batch file, yes? where the first line is: #!/bin/sh )
>
So let's say I name the file servercommands
the in rc.local I call them by entering
./etc/servercommands
Then IN the file servercommands I add the following lines:
/sbin/ipchains -I input -s 203.232.240.215 -j DENY -l
/sbin/ipchains -I input -s 63.25.226.171 -j DENY -l
and so on.....
Am I correct doing it this way ?
TIA
- Robbert