LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   IPTABLES - rules in /etc/sysconfig/iptables (http://www.linuxquestions.org/questions/linux-newbie-8/iptables-rules-in-etc-sysconfig-iptables-257112/)

The_JinJ 11-20-2004 01:05 AM

IPTABLES - rules in /etc/sysconfig/iptables
 
If I manually add a rule via the command line like:
#iptables -A INPUT -s 127.0.0.1 -p ICMP -j DROP
it works fine but I'm trying to add this to /etc/sysconfig/iptables. I used the same syntax but when I reload iptables i get an error:

Applying iptables firewall rules: iptables-restore: line 2 failed

Is the syntax in the file different than on the commend line?

Tinkster 11-20-2004 01:19 AM

If what MDK/FC store in /etc/sysconfig/iptables
is the result/input of an iptables-save/-restore
operation it's definitely different.

Those files aren't your normal shell-script kind
of firewall setup-scripts.

Try a
iptables-save | less
with a few rules active to see what I mean :)


Cheers,
Tink

The_JinJ 11-20-2004 01:25 AM

Quote:

Originally posted by Tinkster
If what MDK/FC store in /etc/sysconfig/iptables
is the result/input of an iptables-save/-restore
operation it's definitely different.

Those files aren't your normal shell-script kind
of firewall setup-scripts.

Try a
iptables-save | less
with a few rules active to see what I mean :)


Cheers,
Tink

Cheers Tinkster, I see what you mean....
Where do these rules save then and how do you write a file that contains them? Or am I missing something here? :newbie:

Tinkster 11-20-2004 01:29 AM

All you need to do is (once the firewall is doing what you
want it to do) as root:

iptables-save > /etc/sysconfig/iptables


:}


Cheers,
Tink

The_JinJ 11-20-2004 01:31 AM

Quote:

Originally posted by Tinkster
All you need to do is (once the firewall is doing what you
want it to do) as root:

iptables-save > /etc/sysconfig/iptables


:}


Cheers,
Tink

DOH!!! That's so obvious!! lol...cheers Tinkster! :p

Tinkster 11-20-2004 01:33 AM

You're welcome mate :)


Cheers,
Tink

The_JinJ 11-20-2004 01:40 AM

In case anyone is looking in here, I found this good tutorial which explains it all - http://www.faqs.org/docs/iptables/index.html


All times are GMT -5. The time now is 02:05 AM.