if there isn't a file called iptables in /etc/sysconfig then you can just create it and stick your rules in there. when the system boots up, and if your system is configured to start the iptables script, it will load the rules in that file.
you can do something similar to the following after you write your iptables rules:
(this is of course if you write your rules at the command prompt)

    iptables-save > /etc/sysconfig/iptables

which will save all of your rules that are in memory to that file.
---
the rc.firewall allows you to create your own script that can do things you possibly can't do in /etc/sysconfig/iptables
(correct me if i'm wrong on this guys), but i don't think you can do, say, things like this in the iptables file:

    # EXTIF must already be set to the external interface name
    if ! /sbin/ifconfig | grep "$EXTIF" > /dev/null; then
        echo -e "\n\nExternal interface is down. Aborting."
        exit 1
    fi
    echo "External Interface: $EXTIF"

i *believe* the iptables-save and restore commands will only understand iptables rules.
(which, if you read the iptables script in the /etc/rc.d/init.d/ directory - is how the system restores your iptables rules at boot time)
---
Last edited by dangel; 12-13-2001 at 07:41 PM.
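
Added example, not part of dangel's post: a small checker that shows which lines of a rules file fall outside the iptables-save format, using the shell test from the post as the offending input. The function names, file names and the simplified grammar are assumptions made for this illustration, and both sample files are constructed.

```shell
#!/bin/sh
# Added example: flag lines that are not iptables-save syntax.
# Simplified grammar (assumption): blank lines, "#" comments, "*table",
# ":CHAIN POLICY [pkts:bytes]", rule lines starting with -A/-I/-D/-R
# (optionally preceded by a "[pkts:bytes]" counter), and COMMIT.

check_rules_file() {
    # $1 = rules file. Prints "lineno: text" for each line outside the
    # grammar; returns 0 if every line fits, 1 otherwise.
    awk '
        /^[ \t]*$/ || /^#/ || /^\*[a-z]+$/ || /^COMMIT$/ { next }
        /^:[A-Za-z0-9_-]+ (ACCEPT|DROP|QUEUE|RETURN|-)( \[[0-9]+:[0-9]+\])?$/ { next }
        /^(\[[0-9]+:[0-9]+\] )?-[AIDR] / { next }
        { printf "%d: %s\n", NR, $0; bad = 1 }
        END { exit bad }
    ' "$1"
}

write_samples() {
    # $1 = directory. Both files are constructed for this example.
    cat > "$1/good.rules" <<'EOF'
# constructed sample in iptables-save format
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
    cat > "$1/mixed.rules" <<'EOF'
*filter
:INPUT DROP [0:0]
if ! /sbin/ifconfig | grep $EXTIF > /dev/null; then
echo -e "\n\nExternal interface is down. Aborting."
exit 1;
fi
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
check_rules_file "$tmp/good.rules" && echo "good.rules: rules only"
check_rules_file "$tmp/mixed.rules" || echo "mixed.rules: shell lines found"
rm -rf "$tmp"
```

Shell logic such as the interface check belongs in a wrapper script like rc.firewall, which can run the test first and then load the rules.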