On 5/18/06, Hongwei Li <hongwei@xxxxxxxxx> wrote:
> First you should set the iptables rules to what you desire. Then you should
> save them with
>
> iptables-save > /etc/sysconfig/iptables
>
> and having set the settings I referred to to "yes", the iptables should
> survive after a reboot.
> It works perfectly with my system. I think the problem is that you
> rebooted/restarted
> iptables before setting them up, and that's why you don't get any rules now.
>
-- NO. I did exactly as you said:
1. set my rules in /etc/sysconfig/iptables
No, you did not understand what I meant by setting the rules. I meant manually giving all
the necessary iptables commands from the command line to set up your firewall to your
liking. I did NOT say anywhere that you should edit the /etc/sysconfig/iptables file. So here
we go again:

1) Edit /etc/sysconfig/iptables-config and change to "yes" both the IPTABLES_SAVE_ON_STOP
and IPTABLES_SAVE_ON_RESTART options.

2) If you like the CURRENT firewall setup that you see by giving the command:

    iptables -v -L

proceed to step 3, otherwise issue the necessary 'iptables' commands from the
command line to fix the firewall settings to your liking. Alternatively you can use
the GUI from the Administrator Menu to get a basic firewall going.

3) Now with the CURRENT firewall all set you can save it by giving:

    iptables-save > /etc/sysconfig/iptables

4) Let's test the whole thing now by giving:

    /sbin/service iptables restart

You should be able to see the exact same firewall settings now, as before the restart, which
is an indication that the settings survived.

Filippos
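
The four steps in the reply above as a shell script that compares the ruleset before and after the restart, ignoring the timestamp comments and packet counters that iptables-save writes on every run. This is an added example, not part of the original thread; the function names and the --run switch are made up here, and it assumes the Red Hat style paths named in the message.

```shell
#!/bin/sh
# Paths come from the thread; function names and --run are made up here.
CONFIG=/etc/sysconfig/iptables-config

# True when KEY ($2) is set to yes in FILE ($1); quotes around yes are optional.
config_flag_is_yes() {
    grep -Eq "^[[:space:]]*$2=\"?yes\"?[[:space:]]*\$" "$1"
}

# Filter an iptables-save dump on stdin: drop the "# Generated/Completed"
# comment lines and zero the [packets:bytes] counters, which differ per run.
normalize_ruleset() {
    sed -e '/^#/d' -e 's/\[[0-9][0-9]*:[0-9][0-9]*]/[0:0]/g'
}

# Exit status 0 when two dump files hold the same rules after normalization.
rulesets_match() {
    a=$(normalize_ruleset < "$1")
    b=$(normalize_ruleset < "$2")
    [ "$a" = "$b" ]
}

# Steps 1-4 from the message; needs root on the firewall host.
verify_persistence() {
    for key in IPTABLES_SAVE_ON_STOP IPTABLES_SAVE_ON_RESTART; do
        config_flag_is_yes "$CONFIG" "$key" ||
            { echo "$key is not \"yes\" in $CONFIG" >&2; return 1; }
    done
    before=$(mktemp) && after=$(mktemp) || return 1
    iptables-save > "$before"                 # ruleset as it runs now
    iptables-save > /etc/sysconfig/iptables   # step 3: save it
    /sbin/service iptables restart            # step 4: restart
    iptables-save > "$after"                  # ruleset after the restart
    if rulesets_match "$before" "$after"; then
        echo "ruleset survived the restart"
        rm -f "$before" "$after"
    else
        echo "ruleset changed; compare $before and $after" >&2
        return 1
    fi
}

# Only touch the firewall when asked to: sh verify.sh --run
if [ "${1:-}" = "--run" ]; then verify_persistence; fi
```

On a mismatch the two raw dumps are kept so they can be compared by hand.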