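Here is my rc.local file:

#!/bin/bash
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
#
# On every run it flushes the filter table and installs one of two ICMP
# echo forwarding rule sets (FW1 or FW2), alternating between them. The
# rule set for the next run is remembered in a small state file.

touch /var/lock/subsys/local

IPT="/sbin/iptables"

# State file holding the toggle value from the previous run.
# NOTE(review): "x" is a relative path, so it resolves against whatever
# directory this script is started from. rc.local is normally run as root;
# an absolute path in a directory only root can write would make sure the
# value read here is the one this script wrote.
STATE_FILE="x"

# Remove all rules from the filter table and zero the packet/byte counters.
# This does not touch chain policies.
# NOTE(review): no policy is set anywhere in this script, so traffic not
# matched by the rules below follows the existing FORWARD policy. Confirm
# it is DROP if these ACCEPT rules are meant to be an allow-list.
"$IPT" -F
"$IPT" -Z

x=1
if [ -r "$STATE_FILE" ]; then
  # Read the stored value as plain data and accept digits only. Handing the
  # file content to $(( )) would evaluate whatever expression the file
  # holds, and an empty or garbled value would break the numeric test below.
  prev=""
  IFS= read -r prev < "$STATE_FILE" || true
  case "$prev" in
    '' | *[!0-9]*)
      printf '%s\n' "Ignoring invalid value in state file $STATE_FILE; using 1" >&2
      ;;
    *)
      x=$prev
      echo "Value of x from previous run = $x"
      ;;
  esac
fi
# With no readable or valid state file, x stays at its initial value 1.

if [ "$x" -eq 1 ]; then
  #FW1 IP: 192.168.10.2
  "$IPT" -A FORWARD -i eth0 -o eth0 -s 192.168.10.0/24 -d 192.168.10.0/24 -p icmp --icmp-type echo-request -j ACCEPT
  "$IPT" -A FORWARD -i eth0 -o eth0 -s 192.168.10.0/24 -d 192.168.10.0/24 -p icmp --icmp-type echo-reply -j ACCEPT
  x=0
else
  #FW2 IP: 192.168.10.3
  "$IPT" -A FORWARD -i eth0 -o eth1 -s 192.168.10.0/24 -d 192.168.10.0/24 -p icmp --icmp-type echo-request -j ACCEPT
  "$IPT" -A FORWARD -i eth0 -o eth1 -s 192.168.10.0/24 -d 192.168.10.0/24 -p icmp --icmp-type echo-reply -j ACCEPT
  x=1
fi

# Save variable to file
printf '%s\n' "$x" > "$STATE_FILE"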