RH-Firewall combining
How to save the current iptables policy in an appropriate new file?
|
iptables-save > /etc/sysconfig/iptables
|
Thanks, and how to auto-apply the file in - etc/rc.d/init.d/rc.firewall - which I made? Coz it's executable but not really working on startup.
And a workaround for "chain already exists", because I define it in that file rc.... obviously not needed every time? |
Normally, if the iptables service is started at the correct run level, then the /etc/sysconfig/iptables rules will be loaded by default. I have no experience with FC3, but for FC2 I think it should be working. No prob at all. Make sure your iptables is started at a correct run level.
chkconfig iptables --level 3 on |
Great :) That's a good answer to clear things up. So is it safe to remove the iptables file in the sysconfig folder and put my own there? Because now I have two of them, in /etc/rc.d/init.d/rc.firewall and iptables :) Wondering exactly how to use a single rule set.
|
The best way would be to clear your current rules
iptables -F
then run your script to set the rules. When the script has run,
service iptables save
will save your new rules.
service iptables restart
iptables -L
to list your new rules, then to make sure iptables will start automatically
chkconfig iptables on
chkconfig --list iptables
That should be it, your rules will start automatically. |
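An added example, not part of the thread: one way to keep a single rule set is to generate the `/etc/sysconfig/iptables` file directly, because loading a saved file with `iptables-restore` replaces the whole table and declares each user-defined chain once, so "chain already exists" cannot occur. The chain name `MY-INPUT`, the port list and the function names are assumptions for illustration.

```shell
#!/bin/sh
# Added example: emit a complete filter table in iptables-save format.
# Background: "iptables -F" only empties chains; user-defined chains stay
# until "iptables -X", so a script that runs "iptables -N" on every start
# fails with "Chain already exists". A saved file does not have that problem.

CHAIN="MY-INPUT"      # hypothetical user-defined chain name
TCP_PORTS="22 80"     # constructed sample: inbound TCP ports to allow

build_ruleset() {
    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo ":$CHAIN - [0:0]"            # declares the user chain once per load
    echo "-A INPUT -j $CHAIN"
    echo "-A $CHAIN -i lo -j ACCEPT"
    echo "-A $CHAIN -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for port in $TCP_PORTS; do
        case "$port" in               # reject anything that is not a number
            ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
        esac
        echo "-A $CHAIN -p tcp -m state --state NEW --dport $port -j ACCEPT"
    done
    echo "-A $CHAIN -j DROP"          # everything else inbound is dropped
    echo "COMMIT"
}

# Write the rule set to the given path (as root: /etc/sysconfig/iptables).
# The file is built beside the target and moved into place only on success,
# so a rejected port list never leaves a half-written rules file behind.
install_ruleset() {
    target="$1"
    tmp="$target.new.$$"
    ( umask 077; build_ruleset > "$tmp" ) || { rm -f "$tmp"; return 1; }
    mv "$tmp" "$target"
}

# Print the rule set for review when called as: sh thisfile --print
if [ "${1:-}" = "--print" ]; then
    build_ruleset
fi
```

After `install_ruleset /etc/sysconfig/iptables` as root, `service iptables restart` loads the file and `iptables -L` shows the result.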
Thank you so much man, it's transparent now :)) So the save is doing the /etc/sysconfig/iptables, I guess. Now I finally deleted that RH-Firewall shit... although it's a good start, but a bad overall config if you're in my situation, when a LOT of guys attempt some shit on my IP. Like when I'm in Windows, my F-Secure Firewall (which I work for) states all the time - Inbound Sasser probe, or Bagle.C or Kuang.2 - and under Linux I receive some strange requests, but I'm still not so familiar with the ports used there, like those sunrpc or ipp. Anyone know why they are used?
|