[Spce-user] Starting firewall on boot
Steve Saner
ssaner at hubris.net
Tue Jul 31 18:17:16 EDT 2018
Are most people here turning on the firewall rules as provided by the
ngcp-config?
If so, how are you getting those firewall rules to start on boot?
It appears that things are set up to use the netfilter-persistent
package to load the firewall rules on boot and a file
/etc/iptables/rules.v4 is created by ngcpcfg for that purpose.
For me, however, netfilter-persistent is failing to load the rules.
The reason, I believe, is because the rules in rules.v4 include the
rtpengine stuff and the jump to the RTPENGINE chain. When the
netfilter-persistent service is started, however, the kernel support for
RTPENGINE is not yet running, and so the iptables-restore fails.
It seems to me that the rules stored in rules.v4 should skip the rtp
engine stuff especially since those rules will be added automatically
when the ngcp-rtpengine-daemon service starts anyway.
Am I missing something?
Steve
--
--------------------------------------------------------------------------
Steven Saner <ssaner at hubris.net> Voice: 316-858-3000
Director of Network Operations Fax: 316-858-3001
Hubris Communications http://www.hubris.net
More information about the Spce-user
mailing list