> From: "Curby ." <kirbysdl@xxxxxxxxxxx> > > In what order should i have /etc/init.d/network and my iptables setup script > (henceforth called "iptables") start? I've though about this also. In RH/FC it defaults to iptables then network. This seems the only safe and sensible solution. > If iptables starts before network, then network could override settings in > /proc/sys/net when it calls upon /etc/sysctl.conf. Additionally, it would I haven't given that issue much thought. I have not yet run into any conflicts or difficulties. > be harder to identify dynamic IPs, additional IPs set with "ip addr add," > etc. simply because the network isn't up yet. I too need to identify dynamic IP's and so I do exactly what you suggested by running iptables before network and my iptables script detects that the net is down and queues itself to run again every 30 seconds until successful (ie: can resolve domain names). This has been very successful for me.
