> Here's what I did to insert a rule (using a minimal install of FC4 to set up a
> subversion server):-
>
> To open port 10000 for WebMin without nice graphical tools the following
> worked for me:-
>
> Add accept port 10000 rule to firewall:-
>
> Get a list of the current rules
> iptables -t filter -L --line-numbers
>
> Insert the rule before the last rule
> iptables -I RH-Firewall-1-INPUT 10 -j ACCEPT -p tcp -m state --state NEW --dport 10000
> there were 10 rules already in use in this case
>
> Configure iptables to save rule set upon restart
> vim /etc/sysconfig/iptables-config
> replace "no" with "yes" in line
> IPTABLES_SAVE_ON_RESTART="no"
>
> do
> service iptables restart
>
> put
> IPTABLES_SAVE_ON_RESTART="no"
> back to "yes"
>
> shutdown -r now
>
> and
> iptables -t filter -L --line-numbers
> to make sure it worked.
>
>
> Any help to you?
>
> Dave Fletcher
>

I did similar. But my problem is that no matter what I do (I tested all different ways), as long as I put IPTABLES_SAVE_ON_RESTART="yes" and reboot, all of my settings are gone.

I also tried Firestarter. The strange thing is that I set some ports open from it and restarted the computer. Then the iptables settings are the "original output" plus whatever I set in Firestarter, but the file /etc/sysconfig/iptables goes back to "original" -- no port is opened from that file. So Firestarter saves its settings somewhere else and adds them on top of the "original setting".

Something strange. I don't understand.

Hongwei
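
An added example, not part of either message above: instead of inserting the rule into the running firewall and relying on the save-on-restart setting, the same port-10000 rule can be written into the saved rules file itself, just before the chain's final REJECT rule. It assumes /etc/sysconfig/iptables is in iptables-save format and is what the iptables service loads at start; the function names and the sample rule set are constructed for illustration.

```shell
#!/bin/sh
# Insert "accept NEW tcp connections to <port>" into a saved rules file,
# ahead of the first REJECT rule of <chain>. Safe to run repeatedly.
add_port_rule() {
    rules_file=$1 chain=$2 port=$3
    rule="-A $chain -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT"
    # Idempotent: nothing to do if the exact rule line already exists.
    if grep -qxF -- "$rule" "$rules_file"; then
        return 0
    fi
    tmp=$(mktemp) || return 1
    # awk exits non-zero when the chain has no REJECT rule, and the
    # original file is then left untouched.
    awk -v chain="$chain" -v rule="$rule" '
        !placed && $1 == "-A" && $2 == chain && /-j REJECT/ { print rule; placed = 1 }
        { print }
        END { exit !placed }
    ' "$rules_file" > "$tmp" && cat "$tmp" > "$rules_file"
    status=$?
    rm -f "$tmp"
    return $status
}

# Constructed sample in the layout of a Fedora-style saved rule set.
make_sample_rules() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Usage (as root, on a copy first):
#   cp /etc/sysconfig/iptables /root/iptables.bak
#   add_port_rule /etc/sysconfig/iptables RH-Firewall-1-INPUT 10000
```

Comparing the edited file with the output of iptables -t filter -L --line-numbers after a reboot shows whether the running rules came from this file or from somewhere else.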