-
donald
- Full of knowledge

- Posts: 2104
- Joined: 17 Jun 2013, 13:17
- Distribution: Porteus 3.2.2 XFCE 32bit
- Location: Germany
Post#1
by donald » 06 Mar 2018, 20:52
n0ctilucient wrote: ↑06 Mar 2018, 17:47
(While booted into Porteus) copy /etc/rc.d/
lrc.local
Ok, this might be a typo..
But then
With a text editor open /etc/rc.d/rc.local and remove
the 1st comment (#) and add -e to the end of the line.
What..??
you mean the first line should be !/bin/sh -e ??
Looks to me like a messed up shebang line.
There should be a '#' in front of the '!'.
And why the -e flag = errexit
(causing the script to immediately exit on the first error)
Please explain why...
donald
Post#2
by donald » 07 Mar 2018, 01:01
You do only need a modified rc.local file to start the firewall.
Code:
#!/bin/sh
#
# /etc/rc.d/rc.local: Local system initialization script.
#
# Put any local startup commands in here. Also, if you have
# anything that needs to be run at shutdown time you can
# make an /etc/rc.d/rc.local_shutdown script and put those
# commands in there.
chmod +x /etc/rc.d/rc.FireWall
/etc/rc.d/rc.FireWall start
When you start Porteus your firewall will default to "block all".
I doubt that the firewall will use the "block all" settings
without further adjustments in rc.FireWall > allowed ports
I think the firewall will use the default = normal setting
You can compare the "block all" and "normal" firewall settings
as root with
iptables -L -v
donald
Post#3
by donald » 07 Mar 2018, 11:59
EDIT
...learned something today...thanks!
ncmprhnsbl
So the simplest way to achieve the goal would be to create a module containing
/etc/rc.d/rc.FireWall,
make rc.FireWall executable and edit the ALLOWED_PORTS line.
Example:
Firewall "normal" would be ALLOWED_PORTS="20 21 22 25 80 110 143 443"
Firewall "block all" would be ALLOWED_PORTS="80 443"
and if you name the resulting module (e.g) 009-firewall.xzm
and place it into the "base" folder, it will work in AF mode too.
Last edited by donald on 07 Mar 2018, 14:44, edited 2 times in total.
donald
-
ncmprhnsbl
- DEV Team

- Posts: 4253
- Joined: 20 Mar 2012, 03:42
- Distribution: v5.0-64bit
- Location: australia
Post#4
by ncmprhnsbl » 07 Mar 2018, 12:12
FYI. once /etc/rc.d/rc.FireWall is made executable, it will start at boot without needing /etc/rc.d/rc.FireWall start in rc.local (or anywhere else)
whatever is executable in /etc/rc.d/ will be executed at boot.
when set with psc, a module containing /etc/rc.d/rc.FireWall (executable) is made (when not using /changes)
ncmprhnsbl
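A read-only check that ties together posts #3 and #4, added here as an example and not part of the original thread: it lists which files in an rc.d directory are executable (and so run at boot), flags any of those that group or others can modify, and reads the ALLOWED_PORTS value from rc.FireWall. The function names, the RCD_DIR variable and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption taken from post #4:
# every executable file in /etc/rc.d/ is run at boot.

# list_boot_scripts DIR -> names of regular, executable files in DIR
list_boot_scripts() {
    for f in "$1"/*; do
        [ -f "$f" ] && [ -x "$f" ] && basename "$f"
    done
    return 0
}

# writable_by_others DIR -> boot scripts that group or others may modify
writable_by_others() {
    for f in "$1"/*; do
        [ -f "$f" ] && [ -x "$f" ] || continue
        [ -n "$(find "$f" -prune \( -perm -020 -o -perm -002 \))" ] && basename "$f"
    done
    return 0
}

# allowed_ports FILE -> value of the last uncommented ALLOWED_PORTS="..." line
allowed_ports() {
    sed -n 's/^[[:space:]]*ALLOWED_PORTS="\([0-9 ]*\)".*/\1/p' "$1" | tail -n 1
}

# demo_dir -> path of a constructed tree standing in for /etc/rc.d
# (sample files only, not real Porteus scripts)
demo_dir() {
    d=$(mktemp -d)
    printf '#!/bin/sh\nALLOWED_PORTS="80 443"\n' > "$d/rc.FireWall"
    printf '#!/bin/sh\n' > "$d/rc.local"
    printf '#!/bin/sh\n' > "$d/rc.unused"
    chmod 755 "$d/rc.FireWall"   # executable: starts at boot
    chmod 775 "$d/rc.local"      # executable and group-writable: flagged
    chmod 644 "$d/rc.unused"     # not executable: ignored at boot
    echo "$d"
}

# Set RCD_DIR (hypothetical variable) to audit a real directory instead.
RCD=${RCD_DIR:-$(demo_dir)}
echo "Runs at boot:";              list_boot_scripts "$RCD"
echo "Writable by group/others:";  writable_by_others "$RCD"
echo "ALLOWED_PORTS: $(allowed_ports "$RCD/rc.FireWall")"
```

Running it against the extracted contents of a module such as 009-firewall.xzm before placing it in "base" confirms that rc.FireWall carries the executable bit and the intended port list.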
Post#5
by donald » 07 Mar 2018, 12:28
@ ncmprhnsbl
Aha!, good to know, thanks.

donald
Post#6
by donald » 07 Mar 2018, 12:46
@ n0ctilucient
Hmmm...I thought you were going to build a module as you wrote in the 1st post
Now... make the module and add it to your Porteus loadout.
add it to the iso and burn a CD (or whatever)
Otherwise you could surely extract the original modules, search for the files, replace
them and rebuild the module,

donald