locking iptables configuration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Would it be possible to add an option to iptables preventing it from making any (rule) changes to the chains, in effect locking its configuration?

There is something similar done with auditctl - "auditctl -e 2" locks and prevents any further changes to its configuration and logs any such attempts to the audit log file. It would be nice if I could load my iptables(-saved) configuration/rules and then use that option to lock it so that it cannot be changed until the next time the machine reboots. Is this (easily) doable?
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

Powered by Linux