My iptables situation is very simple, fortunately. :)

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben Scott
Sent: Monday, September 22, 2008 4:27 PM
To: Greater NH Linux User Group
Subject: Re: iptables

On Mon, Sep 22, 2008 at 3:56 PM, Labitt, Bruce <[EMAIL PROTECTED]> wrote:
> If I already have an iptables file, how do I go about editing it?

Well, if I remember correctly, the Red Hat scripts save the information in a file </etc/sysconfig/iptables>, which has fairly self-explanatory syntax. You can reload any changes to the file using the <service iptables reload> command.

Another approach is to manipulate the active ruleset in the running system. Make your changes, test them, debug them, and then (if happy) save the result. That's what that series of commands I posted will do: First delete everything, then create some rules, then save. The <service iptables save> command takes the current ruleset and writes it to the </etc/sysconfig/iptables> file.

If you want to preserve existing chains, simply omit the -F and -X commands I started out with. They delete all existing rules from all chains, and then delete all user-defined chains, respectively.

For complicated firewalls, I usually write my own, custom scripts, and disable the Red Hat <iptables> service entirely. But I don't think your scenario is complicated. :)

-- Ben
_______________________________________________
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
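
Added example, not part of the thread or of the Red Hat scripts: a structural check for a hand-edited file in iptables-save format, such as the </etc/sysconfig/iptables> file discussed above, to run before <service iptables reload>. The function names check_rules and sample_rules are hypothetical and the sample ruleset is constructed, with two deliberate mistakes.

```shell
#!/bin/sh
# Constructed sample in iptables-save format with two mistakes:
# a rule in a chain that was never declared, and no closing COMMIT.
sample_rules() {
cat <<'EOF'
# constructed sample, not from the thread
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A SSH-IN -p tcp --dport 22 -j ACCEPT
EOF
}

# check_rules FILE: print one finding per line; status 0 if clean, 1 otherwise.
# Assumes every chain, built-in ones included, is declared with a ":" line,
# which is how iptables-save writes them.
check_rules() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }           # comments and blank lines
    /^\*/ {                                      # "*filter" opens a table
        if (table != "") report("table " table " is missing COMMIT")
        table = substr($1, 2); next
    }
    $1 == "COMMIT" {                             # COMMIT closes the table
        if (table == "") report("COMMIT outside any table")
        table = ""; next
    }
    table == "" { report("line outside any table: " $0); next }
    /^:/ { declared[table, substr($1, 2)] = 1; next }   # ":INPUT DROP [0:0]"
    $1 == "-A" || $1 == "-I" {                   # rule added to a chain
        if (!((table, $2) in declared)) report("rule uses undeclared chain " $2)
        next
    }
    { report("unrecognised line: " $0) }
    END {
        if (table != "") report("table " table " is missing COMMIT")
        exit (bad > 0)
    }
    function report(msg) { printf "%s:%d: %s\n", FILENAME, NR, msg; bad++ }
    ' "$1"
}

# Demo on the constructed sample. Against the real file this would be:
#   check_rules /etc/sysconfig/iptables && service iptables reload
tmp=$(mktemp); sample_rules > "$tmp"
check_rules "$tmp" || echo "findings above: fix the file before reloading"
rm -f "$tmp"
```

The check is structural only; it does not validate match or target options, so a clean result does not guarantee that the ruleset loads.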