Christopher Chan wrote:
YMMV. I prefer to build one via iptables, save it, then copy the file
across to all other hosts that use the same rules.
Your preferred method and mine might be different, but the end result is
the same, so what does it really matter? That's rhetorical by the way,
be
On Fri, Oct 24, 2008 at 08:25:40AM +0800, Christopher Chan wrote:
> Robert Spangler wrote:
>> On Thursday 23 October 2008 09:53, Chan Chung Hang Christopher wrote:
>>
>>> > Try adding it manually to the iptables config.
>>> >
>>> > # vim /etc/sysconfig/iptables
>>> >
>>> > And then restart ip
Max Hetrick wrote:
Chan Chung Hang Christopher wrote:
Not recommended. Do 'service iptables save' as Filipe posted.
I've never had any issues doing so. I know Johnny has recommended that
several times on the list as well. If he says it works, then I would say
it can't hurt. ;)
YMMV. I pre
Robert Spangler wrote:
On Thursday 23 October 2008 09:53, Chan Chung Hang Christopher wrote:
> Try adding it manually to the iptables config.
>
> # vim /etc/sysconfig/iptables
>
> And then restart iptables.
Not recommended. Do 'service iptables save' as Filipe posted.
You will need to
Chan Chung Hang Christopher wrote:
Not recommended. Do 'service iptables save' as Filipe posted.
I've never had any issues doing so. I know Johnny has recommended that
several times on the list as well. If he says it works, then I would say
it can't hurt. ;)
Regards,
Max
__
On Thursday 23 October 2008 09:53, Chan Chung Hang Christopher wrote:
> > Try adding it manually to the iptables config.
> >
> > # vim /etc/sysconfig/iptables
> >
> > And then restart iptables.
>
> Not recommended. Do 'service iptables save' as Filipe posted.
You will need to explain why th
AFAIK, "service iptables restart" does not cut off current
connections. The stateful connections are kept by the conntrack
module, which I believe will not be cleared on a restart of iptables,
and "service iptables restart" also uses iptables-restore, which does
the changes atomically instead of
Hi,
On Thu, Oct 23, 2008 at 10:01, Tom Brown <[EMAIL PROTECTED]> wrote:
> thanks - once added do i need to do anything to make these 'live' ? I
> imagine that a iptables restart will cut off current connections ? Is there
> not a 'reload' or similar?
AFAIK, "service iptables restart" does not cut
Tom Brown wrote:
thanks - once added do i need to do anything to make these 'live' ? I
imagine that a iptables restart will cut off current connections ? Is
there not a 'reload' or similar?
The moment you run iptables to add a rule, that rule becomes live.
___
iptables-save will only output the rules in a way that
iptables-restore will be able to rebuild the rules from.
If what you want is for these rules to be up when you boot the
machine, what you want is probably "service iptables save", which will
use iptables-save to record these rules to /etc/s
Try adding it manually to the iptables config.
# vim /etc/sysconfig/iptables
And then restart iptables.
Not recommended. Do 'service iptables save' as Filipe posted.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/
Tom Brown wrote:
I am trying to forward port 80 to 8080 locally using iptables with the
following
/sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT
--to-port 8080
However this does not get put into the iptables configuration even after
running iptables-save
Have i missed
Hi,
On Thu, Oct 23, 2008 at 09:15, Tom Brown <[EMAIL PROTECTED]> wrote:
> However this does not get put into the iptables configuration even after
> running iptables-save
iptables-save will only output the rules in a way that
iptables-restore will be able to rebuild the rules from.
If what you w
Hi
I am trying to forward port 80 to 8080 locally using iptables with the
following
/sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT
--to-port 8080
However this does not get put into the iptables configuration even after
running iptables-save
Have i missed something alon
14 matches
Mail list logo
