LinuxQuestions.org


FiveFlat 08-12-2004 05:12 PM

iptables vs. rc.firewall
 
I am very confused. I see that I have an 'iptables' file and an 'iptables-config' file in my /etc/sysconfig folder.

When I configured IP masquerading for my home network I found a file called rc.firewall - which I was instructed to place in my /etc/rc.d/ folder and whenever I have to reboot my computer I have to run that file in order to allow my other [windows] computers out to the internet.

So my questions are-
What is the difference between these two files? Does the rc.firewall file simply append iptables 'rules' to the 'iptables' file?

When I add 'rules' or 'lines' to my iptables (for instance I am currently trying to block all outside requests to my samba ports) should I add these lines to the rc.firewall file or the iptables file or the iptables-config file?

If I make changes to the iptables file - am I supposed to 'restart' iptables?

I know I'm asking a lot - but I'm sure it's very elementary knowledge to a lot of you, and would appreciate your help.

ppuru 08-12-2004 09:52 PM

Quote:

I see that I have an 'iptables' files and an 'iptables-config' file in my /etc/sysconfig folder.
That tells me you are using RedHat/Fedora or a RedHat-based distro. So, you don't really need to copy rc.firewall to /etc/init.d. RedHat has a script iptables that reads from an existing set of rules that it saves in the /etc/sysconfig directory and loads them at boot. But this script pretty much just maintains the iptables rules. If there is no file in /etc/sysconfig, the script will maintain a default ACCEPT stance.

To load the initial set of rules, you may need to write another script with ACCEPT/DROP rules to regulate traffic coming in and going out of your system. Once you execute your script, you can see your rules when you give the command

# iptables -nvL

and you are satisfied with the way your rules behave, you can go ahead and commit those rules to /etc/sysconfig/iptables with the command

# service iptables save
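
An rc.firewall-style script of the kind ppuru describes, written here as an added example (it is not from this thread or from any distribution). The Internet-facing interface eth0 and the LAN 192.168.1.0/24 are assumptions; it masquerades the LAN and drops Samba traffic arriving from the outside, which is what the opening post is trying to do, and is meant to be run with "start", checked with 'iptables -nvL', then persisted with 'service iptables save'.

```shell
#!/bin/sh
# rc.firewall-style script for a Red Hat style host that masquerades a home
# LAN and refuses Samba (NetBIOS/CIFS) traffic arriving from the Internet.
# Interface and LAN values are assumptions; adjust them for your network.
IPT="${IPT:-/sbin/iptables}"
EXT_IF="${EXT_IF:-eth0}"             # assumed Internet-facing interface
LAN_NET="${LAN_NET:-192.168.1.0/24}" # assumed home LAN

# Start from a clean slate so the script is safe to re-run after edits.
fw_flush() {
    $IPT -F; $IPT -t nat -F; $IPT -X
}

# Default-deny for traffic to and through this host; outbound stays open.
fw_policy() {
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT
}

# Baseline INPUT rules: loopback, the LAN side, and replies to our own traffic.
fw_input() {
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A INPUT ! -i "$EXT_IF" -s "$LAN_NET" -j ACCEPT
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# Samba ports: 137-139 (NetBIOS) and 445 (CIFS), TCP and UDP, never from outside.
fw_block_samba() {
    for p in tcp udp; do
        $IPT -A INPUT -i "$EXT_IF" -p "$p" --dport 137:139 -j DROP
        $IPT -A INPUT -i "$EXT_IF" -p "$p" --dport 445 -j DROP
    done
}

# Let the LAN reach the Internet through this box (NAT plus forwarding).
fw_masq() {
    $IPT -t nat -A POSTROUTING -o "$EXT_IF" -s "$LAN_NET" -j MASQUERADE
    $IPT -A FORWARD -i "$EXT_IF" -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A FORWARD -s "$LAN_NET" -o "$EXT_IF" -j ACCEPT
}

fw_apply() {
    fw_flush; fw_policy; fw_input; fw_block_samba; fw_masq
    echo 1 > /proc/sys/net/ipv4/ip_forward
}

# "./rc.firewall start" applies the rules; review with 'iptables -nvL' and,
# once satisfied, run 'service iptables save' to persist them across reboots.
case "${1:-}" in start) fw_apply ;; esac
```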

FiveFlat 08-13-2004 03:39 PM

So that last command will basically 'overwrite' my /etc/sysconfig/iptables file to the current settings I have with my rc.firewall?
