locking iptables configuration

[Mr Dash Four <mr.dash.four@xxxxxxxxxxxxxx>]

Would it be possible to add an option to iptables preventing it from 
making any (rule) changes to the chains, in effect locking its 
configuration?

There is something similar done with auditctl - "auditctl -e 2" locks 
and prevents any further changes to its configuration and logs any such 
attempts to the audit log file. It would be nice if I could load my 
iptables(-saved) configuration/rules and then use that option to lock it 
so that it cannot be changed until the next time the machine reboots. Is 
this (easily) doable?
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html