From: "Richard Emberson" <remberson@xxxxxxxxxxxxxxxx>
What happens to existing connections if one reconfigures the machine's IpTables? Add a new rule? Remove a rule? Blow away configuration and set a new one? Add a host/port mapping? Remove a host/port mapping?
Yes, or is that no, or is that maybe, or is that "it depends"? I think "it depends" fits best. For example, if you make a mistake and do not provide an escape valve, say "iptables.text;sleep 60;iptables.real", you may find yourself locked out, having to go make a physical visit to the machine in question. If you do not make a mistake and do not change a rule that would directly affect your link, then it may get blocked briefly while the "iptables.text" is being parsed and made active. But the connection will not necessarily go away. That is to say, I do it all the time via an SSH connection. {^_^}
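
The "escape valve" described in the reply above, written out as an added example that is not part of the original messages: it snapshots the live ruleset with `iptables-save`, loads the candidate with `iptables-restore`, and puts the snapshot back unless a confirmation file appears within the timeout. The function name `safe_apply`, the `IPT_SAVE`/`IPT_RESTORE` override variables and the confirmation-file convention are assumptions made for this example.

```shell
#!/bin/sh
# Added example: load a new ruleset with an automatic rollback.
# IPT_SAVE / IPT_RESTORE (names assumed here) default to the real tools
# and can be pointed at stand-ins for a dry run.
IPT_SAVE=${IPT_SAVE:-iptables-save}
IPT_RESTORE=${IPT_RESTORE:-iptables-restore}

# safe_apply NEW_RULES TIMEOUT_SECONDS CONFIRM_FILE
# Returns 0 if the new rules were kept, 1 if rolled back, 2 on setup error.
safe_apply() {
    new_rules=$1; timeout=$2; confirm=$3
    [ -r "$new_rules" ] || { echo "cannot read $new_rules" >&2; return 2; }
    backup=$(mktemp) || return 2
    # Keep running if the SSH session that started us is cut off.
    trap '' HUP
    # 1. Snapshot the ruleset that is currently letting us in.
    $IPT_SAVE > "$backup" || { rm -f "$backup"; return 2; }
    rm -f "$confirm"
    # 2. Load the candidate; if it does not parse, put the snapshot back.
    if ! $IPT_RESTORE < "$new_rules"; then
        $IPT_RESTORE < "$backup"
        rm -f "$backup"
        return 1
    fi
    # 3. Wait for the admin to create CONFIRM_FILE from a fresh login.
    waited=0
    while [ "$waited" -lt "$timeout" ]; do
        if [ -e "$confirm" ]; then
            rm -f "$backup" "$confirm"
            return 0
        fi
        sleep 1
        waited=$((waited + 1))
    done
    # 4. No confirmation in time: assume lockout and roll back.
    $IPT_RESTORE < "$backup"
    rm -f "$backup"
    return 1
}
```

Create the confirmation file from a newly opened session rather than the one that ran the function, since an already-established session staying up does not show that new connections are still accepted.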