Re: iptable in fc5

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: iptable in fc5
From: Andy Green <andy@xxxxxxxxxxx>
Date: Mon, 15 May 2006 20:58:58 +0100
Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwAQMAAABtzGvEAAAABlBMVEUAAAD///+l2Z/dAAAA CXBIWXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH1QgcEB8sRzxF1wAAAO5JREFUGNMlj6FuAkEQhn8u 3ANU4GlVU9NXOFGB3BBqalBNmmBxTWAlqSkadZKgEK1t7hFoAoYgcD1IGmqA5Jrt9J/ZFfPl251/ JgvhcQBrWBr2IM7yTYSLoasTq+5UL1cDf030ugXt+CmsON3djjJgd9kGEV56fs6W/ZcfAa/H56JF m4lHE/Ih285YNxRXmWLbcGb3TcXPTR7N3spoi0a02FmmtCBljfYrZZIZ1A6ygI/Q3CGv2VdyaPwv h21w+gcJT3VDP4HG1ylRcQo7z0ukltugwJC5xKu92ZQqWjWxKfLoEp3yninkgQvFev4Brbazn0BT QlUAAAAASUVORK5CYII=
In-reply-to: <16de708d0605151251w5026baf1kae2f98f7b4968dfc@xxxxxxxxxxxxxx>
References: <4461.128.252.85.103.1147721226.squirrel@xxxxxxxxxxxxxxxxxx> <4540.128.252.85.103.1147721638.squirrel@xxxxxxxxxxxxxxxxxx> <16de708d0605151236oa6e2718o78759d1ce9c86bec@xxxxxxxxxxxxxx> <4744.128.252.85.103.1147722442.squirrel@xxxxxxxxxxxxxxxxxx> <16de708d0605151251w5026baf1kae2f98f7b4968dfc@xxxxxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Thunderbird 1.5.0.2 (X11/20060501)

Arthur Pemberton wrote:

>> -A RH-Firewall-1-INPUT -s 128.252.85.0/255.255.255.0 -m state--state NEW -m

Use -I ... -A "Adds" the rule after the existing ones... after the"catchall" --reject-with icmp-host-prohibited so it is never seen.


Another tip... after getting the behaviour correct, use

service iptables save

to store the firewall configuration so it will be active again on thenext boot.


-Andy

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

References:
- iptable in fc5
  - From: Hongwei Li
- Re: iptable in fc5
  - From: Hongwei Li
- Re: iptable in fc5
  - From: Arthur Pemberton
- Re: iptable in fc5
  - From: Hongwei Li
- Re: iptable in fc5
  - From: Arthur Pemberton