hello all there,
i am suffuring a problem while going for the firewalls using the iptables...... While installing (RedHat 9) i had choosen the no-firewall option but now i want to setup those. According to that i wrote 3 policy rules for INPUT,OUTPUT and FORWORED in file /etc/sysconfig/iptables (innitially that file was not present).
After writting rules when i try command "service iptables restart" it shows an error problem at first line for file /etc/sysconfig/iptables.
So what should be the problem???????
Is there any solution for that????



Expecting a quick reply!!!!!! PLEASE Help me..........

Don't create the file /etc/sysconfig/iptables by hand. Set up the firewall using iptables so that the current running firewall is what you want to keep and then execute "iptables-save >/etc/sysconfig/iptables" to write the file.

The init scripts will then execute iptables-restore which reads the format iptables-save creates. The man pages for iptables/iptables-save/iptables-restore are also worth a look (not that iptables-save/iptables-restore have much by way of options but as a description of how they function...).

Hope that clarifies things.

hello sir thanks for the quick reply.......
i understood that i should use iptables-save command to dump the rule of iptables but did not come to understand that where should i write or mention rules of iptables so that i would run command "iptables-save > /etc/sysconfig "? and how the /etc/sysconfig/iptables would get created after running the same command......
Thank you onces again..................................

iptables-save dumps the current iptables configuration to standard output. The >/etc/sysconfig/iptables redirects this to the file /etc/sysconfig/iptables (which the init scripts will later read). iptables-save >/etc/sysconfig won't work as /etc/sysconfig is a directory (and even if it were a file the init scripts won't look for the iptables config there) you need the full path /etc/sysconfig/iptables (as stated the command "iptables-save >/etc/sysconfig/iptables" should do the trick). The command "cat /etc/sysconfig/iptables" will allow you to see the result of running the previous command.

thanks sir....
I got the command but the question arrised in my mind that does the file "/etc/sysconfig/iptables" get created automatically??????....... and if yes then where should i write my all iptables rules so that i can run the command "iptables-save > /etc/sysconfig/iptables" to create that file automatically.......
Sir what i mean to say that should i create a new file(rather than /etc/sysconfig/iptables) consisting of all rules like INPUT,FORWORD,OUTPUT etc. and do anything so that the rules in the file get redirected in /etc/sysconfig/iptables?????????????
Thanks for ur valuable time...........

If your getting errors it may just be because there's an error in the script. For example it's FORWARD not FORWORD.

thank you sir for ur contrubution.... Sir here i managed to build certain rules for my linux PC using IPTABLES............. One lask question from my side if I would managed to build software router using Linux System, then will tere be requirement of CISCO routers.......
Will the Linux system Router replace CISCO one...........
THANKS FOR UR VALUABLE TIME...............SIR