In this article we will bring you gone through how to setup your own systemd service.

We will now Demonstrate the process of create some of the service that you need and run before one of the specific process.

Assuming i want to run one of the service call IPSET 

What is IPSET?

IPSET is a companion application for the iptables Linux firewall. It allows you to setup rules to quickly and easily block a set of IP addresses, among other things.

What i want to do here is i wish to run the ipset command to setup my chain name, and let shorewall to set match the chain.

So the ipset have to run before the shorewall start.

Step1 : Setup ipset in /etc/init.d/

vi /etc/init.d/S39ipset

add the following content to the S39ipset file

#!/bin/sh
### BEGIN INIT INFO
# Provides: ipset
# Required-Start: $local_fs $network
# Required-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: ipset
# Description: ipset
### END INIT INFO
# ipset Start the ipset daemon.
ipset create luxauth iphash maxelem 512000 -exist

Save and quit the file.

Set executes permission for owner, group and other.

chmod 755 S39ipset

Now you are able to run the service using

/etc/init.d/S39ipset

and you can use below command make it start on boot.

update-rc.d S39ipset enable

But this doesn’t let you to control ipset start first or shorewall start first.

In Centos7 or Ubuntu 1604 you can actually using systemd to control which application start first.

Step2: Setup systemd ipset service.

create a file call ipset.service with below command.

vi /lib/systemd/system/ipset.service

[Unit]
Description=ipset firewall
Wants=network-online.target
Before=shorewall.service iptables.service
Conflicts=iptables.service firewalld.service

[Service]
Type=oneshot
RemainAfterExit=yes
StandardOutput=syslog
ExecStart=/etc/init.d/S39ipset start

[Install]
WantedBy=basic.target

Save and exit the file.

Note: the text with red are configuring this service start before shorewall and iptables.

Note: the text with blue are configuring this service using which scripts to start the ipset, we will set to /etc/init.d/S39ipset start  which is we set the init.d earlier.

Step3: enable ipset.service on boot.

systemctl enable ipset.service

After this , reboot your server and you will see that the ipset are start earlier than the shorewall.service.

In this tutorial are just giving you guys an idea how to setup your own service in a very basic ways.

And the example of setting up ipset are doesn’t meet any thing that you need.

Share this to your friends if you found this article is useful.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *