Executing Commands at Boot¶
There are three primary options for executing custom commands at boot time:
earlyshellcmd, and shell scripts.
The shellcmd package can manage the
earlyshellcmd tags in
the GUI, so
config.xml values need not be edited by hand.
At boot time the firewall executes the
earlyshellcmd entries first and the
shellcmd entries much later in the boot process. Shell scripts are executed
at the very end of the boot process when initializing packages.
earlyshellcmd options are preferable as they are
contained within in the configuration file. As such they do not typically
require additional modifications should the storage medium be replaced and
reinstalled, or if the configuration is restored to a different piece of
<shellcmd> makes the firewall run a command
towards the end of the boot process.
To add a
shellcmd to a configuration, either use the
shellcmd package or
config.xml by hand (XML Configuration File).
To edit the
Back it up via Diagnostics > Backup/restore
Open the XML backup file in a text editor that properly handles UNIX line endings.
Add a new line above the
</system>line such as the following:
<shellcmd>mycommand -a -b -c 123</shellcmd>
mycommand -a -b -c 123is the command to run.
Save the changes to the configuration
Restore the modified configuration
Multiple lines may be added to execute multiple commands.
<earlyshellcmd> makes the firewall run a
command at the beginning of the boot process.
In most cases
<shellcmd> is more appropriate, though this may be
necessary in some circumstances.
The process to add an
<earlyshellcmd> tag is the same as
Either use the
shellcmd package or edit it in by hand.
This should result in a tag such as the following in the configuration:
<earlyshellcmd>mycommand -a -b -c 123</earlyshellcmd>
<earlyshellcmd> lines can be present to execute multiple commands.
Shell script option¶
Any shell script can be placed in the
The filename must end in
.sh and it must be marked as executable
chmod +x myscript.sh).
The firewall will execute every shell script ending in
.sh in this directory
at boot time.