iptables configuration script
Hi everyone,
I'm a complete newbie to iptables and I'm trying to create a script to edit the configuration of my iptables on a CentOS 2 legged firewall. I have a bridge network and a host only network. I've created a very basic script to switch on routing, set the default policies and to flush all existing rules. The routing part is working fine but my iptables file is not changing at all after running my script. Any help would be greatly appreciated.

    # Switch on routing
    echo 1 > /proc/sys/net/ipv4/ip_forward

    # Set default policies (-P), these rules will apply if no more specific rule exists
    iptables -P INPUT DROP
    iptables -P FORWARD DROP
    iptables -P OUTPUT ACCEPT

    # Flush all existing rules
    iptables -F INPUT
    iptables -F FORWARD
    iptables -F OUTPUT
    iptables -F -t nat

Thanks in advance! |
Why would you expect running iptables commands to change a file?
Did I miss something? |
Thanks for the reply. Should it not change the iptables file in /etc/sysconfig to reflect the changes you have made? As I said, I'm completely new to this, just presuming this file should change?
|
You can make as many changes as you want into the memory of the running instance. Nothing is written out to disk (as far as I know, I have not dived into the code) until you run iptables-save.
This is from memory, you might take time to google for /etc/sysconfig/iptables and see what you find. |
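The split discussed above, between rules held in the running kernel and the file under /etc/sysconfig, as an added example that is not part of any poster's script: iptables-save prints the live ruleset to stdout and writes the file only when its output is redirected there, so this sketch compares a live dump with the saved file while ignoring packet counters. The function names and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare the running ruleset with the persisted file.
# iptables-save only prints to stdout; redirect it to write the file.
SAVED_FILE=${SAVED_FILE:-/etc/sysconfig/iptables}

# Drop what changes between dumps: "# Generated ..." comment lines,
# the [packets:bytes] counters, and blank lines.
normalize_rules() {
    sed -e '/^#/d' -e 's/ *\[[0-9]*:[0-9]*\]//' -e '/^$/d'
}

# rules_differ LIVE SAVED: exit 0 when the two dumps hold different rules.
rules_differ() {
    live=$(printf '%s\n' "$1" | normalize_rules)
    saved=$(printf '%s\n' "$2" | normalize_rules)
    [ "$live" != "$saved" ]
}

# Constructed sample: the file on disk, untouched by the script.
SAMPLE_SAVED='# Generated by iptables-save (constructed sample)
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# Constructed sample: the live ruleset after the script set DROP policies.
SAMPLE_LIVE='# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [12:840]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [30:2100]
COMMIT'

# Check the real firewall only when asked: sh drift.sh --live (needs root).
if [ "${1:-}" = "--live" ]; then
    if rules_differ "$(iptables-save)" "$(cat "$SAVED_FILE")"; then
        echo "running rules differ from $SAVED_FILE"
        echo "to persist them: iptables-save > $SAVED_FILE"
    else
        echo "running rules match $SAVED_FILE"
    fi
fi
```

Without `--live` the script only defines the functions and samples, so it can be sourced and tried on the sample dumps without root.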
Ahhh OK, that makes sense. I will do :) Thanks for the help
|
What version of CentOS are you running? Looks like you said CentOS 2; anything older than the latest version of CentOS 6 is heavily out of date and without security patching.
|