Re: Saving IPTable rules..oops


 



From: "Jason Williams" <jwilliams@xxxxxxxxxxxxxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Thursday, December 30, 2004 3:39 PM
Subject: Re: Saving IPTable rules..oops


At 10:23 AM 12/29/2004, you wrote:
You can do a couple of things:
- After you enter your commands from a shell, you can do a *service iptables save*. All the commands that you had entered will be stored in the *iptables* file in /etc/sysconfig. By the way, this is the file the system reads while booting up to load the firewall configuration.
- You can directly edit this file to add new commands (though it is not recommended, but I still do it 'coz it makes life easier) and then run *iptables-restore* to load the new configuration.

Appreciate the help and feedback on this. Makes sense now.
One question regarding the /etc/sysconfig/iptables file. In this file, can I put my variables in there? Such as: INET_IP=212.122.131.34, INET_IFACE="eth0" and so forth?
Or does that need to go somewhere else?

I don't think you can put your variables in /etc/sysconfig/iptables file. It follows a particular pattern which is not that difficult to learn.


If you want to use variables and stuff, you gotta write your own script file and run it at bootup. I used to do it this way when my firewall rules were less than 50 lines.

Now my firewall rules are more than 500 lines so I edit the /etc/sysconfig/iptables file directly. It is just an efficient way to load the rules through this file.

Hope this helps.

Deepak Seshadri

Thanks!

Jason
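
The two approaches discussed in this thread can be combined: keep the variables in a script and have it emit a ruleset in the format that iptables-restore reads. The sketch below is an added example, not part of the original messages; the function names, the ALLOWED_TCP_PORTS list and the default-drop policy are assumptions chosen for illustration.

```shell
#!/bin/sh
# Variables live in this script; /etc/sysconfig/iptables only ever gets the rendered text.
INET_IP="212.122.131.34"    # value from the question in the thread
INET_IFACE="eth0"           # value from the question in the thread
ALLOWED_TCP_PORTS="22 80"   # assumption: sample inbound services

# valid_ipv4 ADDR: succeed only for a dotted quad whose octets are 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# render_rules: print the ruleset, refusing values that would corrupt the file.
render_rules() {
    valid_ipv4 "$INET_IP" || { echo "bad INET_IP: $INET_IP" >&2; return 1; }
    case "$INET_IFACE" in
        ""|*[!A-Za-z0-9._-]*) echo "bad INET_IFACE: $INET_IFACE" >&2; return 1 ;;
    esac
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for port in $ALLOWED_TCP_PORTS; do
        echo "-A INPUT -i $INET_IFACE -d $INET_IP -p tcp --dport $port -j ACCEPT"
    done
    echo "COMMIT"
}

# Typical use as root (needs iptables installed, so it is not run here):
#   render_rules > /tmp/iptables.new &&
#     iptables-restore --test < /tmp/iptables.new &&
#     install -m 600 /tmp/iptables.new /etc/sysconfig/iptables
if [ "${1:-}" = "--print" ]; then render_rules; fi
```

Running iptables-restore with --test parses the generated file without committing it, so a bad variable value is caught before the boot-time file is replaced.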




