where do I need to put my ipchains commands so that they will be implemented at boot time (or shortly afterwards)

I am using suse 7.1 and have tried suse firewall script but it's too complicated for my needs (and it didn't work as I expected) -- all I want to do is deny pings and icmp traceroutes (for starters)

I would suggest to look at this site:-www.linux-firewall-tools.com/linux/, where u can use the design tool to generate the firewall script - rc.firewall.
refer to the installation notes given -Download this script to your /etc/rc.d directory and use the editor of your choice to change the rc.local as follows:-
sh /etc/rc.d/rc.firewall

Hope this helps

Im not to sure on this or what you have available. But if you have gnome (like i do) or kde, you can type in a terminal "tksysv" and it brings up a window where you can add and remove startup scripts. Not sure if it works in your distro either.

Originally posted by miker:
<STRONG>where do I need to put my ipchains commands so that they will be implemented at boot time (or shortly afterwards)

I am using suse 7.1 and have tried suse firewall script but it's too complicated for my needs (and it didn't work as I expected) -- all I want to do is deny pings and icmp traceroutes (for starters)</STRONG>

Another way is to put your firewall rules (ipchains) in /etc/rc.d/rc.local. For example,
echo 1 &gt; /proc/sys/net/ipv4/ip_forward
ipchains -A forward -s 10.20.57.208/28 -j MASQ
What are packets (input, output, forward) do you want deny?
I like put all firewall rules in one script and execute it from rc.local.