Am Do, den 29.01.2004 schrieb Shawn Iverson um 18:27:
> I was wondering if someone could point me to documentation on the
> /etc/sysconfig/iptables and iptables-config files. I currently have
> iptables turned off on FC1 and am using David Ranch's Masquerade-HOWTO
> scripts with modifications. I would rather set up my iptables the "Fedora
> way" and use the native iptables init and sysconfig scripts. I found info
> in iptables-save, iptables-restore, and iptables in the man pages, but that
> is about it.
>
> Can I simply do the following with my iptables up and running and then
> reconfigure my init scripts?
>
> iptables-save > /etc/sysconfig/iptables
Yes. Another possibility is:
/etc/init.d/iptables save
The format of the /etc/sysconfig/iptables file is in my eyes
self-explaining. There is a section for each table (nat and filter by
default) and each line in the iptables syntax just without iptables as
command name in front. To know more about iptables you should visit and
read www.netfilter.org.
Just set up your iptables roules. What is active you can get with
"iptables -t filter -L -n -v" for the filter table or any other table
like the nat table with "iptables -t nat -L -n -v". After finished
setting up the ruleset just save your work into the file mentioned above
with "/etc/init.d/iptables save". Run "chkconfig --list iptables" to be
sure your iptables is started in your runlevel.
The iptables-config file in /etc/sysconfig is just as it is, setting
options to no or yes.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel 2.4.22-1.2149.nptl
Sirendipity 18:39:34 up 3:27, 7 users, 0.00, 0.05, 0.08
[ ÎÎÏÎÎ Ï'ÎÏÏÎÎ - gnothi seauton ]
