Fedora Users — Doubt about the use of additional config file on iptables on FC7.

Doubt about the use of additional config file on iptables on FC7.

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: fedora-list@xxxxxxxxxx

Subject: Doubt about the use of additional config file on iptables on FC7.

From: Vinicius <cviniciusm@xxxxxxxxxx>

Date: Sun, 03 Jun 2007 17:23:22 -0300

Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>

User-agent: Thunderbird 2.0.0.0 (X11/20070419)

Hello,

The system-config-securitylevel says I can use an additional config fileon iptables, more specifically after the defaults. So should myiptables be:

/etc/sysconfig/myiptables:

"-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport <aport> -j ACCEPT

-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT"

<a port>  = a port that I want to open.

Must I move the three final lines of iptables to the final of myitables?


Regards,
Vinicius.