[systemd-devel] transforming Iptables bash script to systemd service file -help
Reindl Harald
h.reindl at thelounge.net
Fri Sep 12 05:20:01 PDT 2014
Am 12.09.2014 um 14:04 schrieb lux-integ:
> On Friday 12 September 2014 11:53:23 Simon McVittie wrote:
>> The way to do this is to write a script in the programming language of
>> your choice (bash is one possibility), and have the systemd service file
>> run that. There would be little point in systemd reinventing a generic
>> script interpreter: we already have lots of those (bash, Python, etc.)
>
> thanks to you and others
> I only ask as I was under the impression that bash scripting was a no-no for
> systemd implementations
>
>
> I will stick with the tried and tested bash scripts for iptables
> then try something like
>
> ExecStart=/bin/sh -c " path/to/IptablesScript"
>
> inside a servce file
>
> will this suffce ?
why want you do that?
on Redhat systems end your script with "/usr/sbin/iptables-save > /etc/sysconfig/iptables"
and just enable the iptables service, the pre-generated rules will be loaded at boot from
iptables - there is really no need to fire up the shell script each boot
i maintain around 30 servers that way with a distributed "iptables.sh"
which has general rules and some depending on $HOSTNAME for many years
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20140912/f482a7cc/attachment.sig>
More information about the systemd-devel
mailing list