Le 25/11/2025 à 11:56, Didier Kryn a écrit :
> Le 24/11/2025 à 13:27, Peter via Dng a écrit :
>> Daedalus with sysvinit is working here. Shorewall is installed and can
>> be started interactively. I want shorewall to start automatically.
>
>     I understand it is necessary to restore the netfilter config at
> every start-up. But isn't it possible to do it through iptables?
>
>     I ask this because I've read that shorewall is a configuration
> tool, just like iptables, but higher level, and, furthermore,
> shorewall uses iptables to communicate the configuration to netfilter.
> Therefore it would be enough to isue a simple iptables command to
> restore the configuration, and keep shorewall to create/modify it.
>
>     I think the package iptables-persistent would do it for you, with
> an rc script which would be called before starting services like ssh.
>
>     Then shorewall could remain what it is intended for: a
> higher-level configuration UI than raw iptables. In no way a server.


    My wrong. Reading just a little more of the documentation, it seems
shorewall comes with an rc script as every service. Even though the
service is run by the kernel, the rc script would include shorewall
commands to start/stop/restart it. Therefore the rc script should be
included in the package and run automatically at start-up.

--    Didier