iptables-save > /etc/sysconfig/iptables
and having set the settings I refered to to "yes", the iptables should survive after a reboot.
It works perfectly with my system. I think the problem is that you rebooted/restarted
iptables before setting them up, and that's why you don't get any rules now.
The best way to correct this I guess is through the graphical helper go to
Start->System->Administration->Security Level and Firewall
and change things to your liking over there. Then you will have secure and functional
default iptables that you can tweak around to your liking.
Filippos
On 5/18/06, Hongwei Li <hongwei@xxxxxxxxx> wrote:
> You should also change
>
> IPTABLES_SAVE_ON_RESTART="no"
>
> to
>
> IPTABLES_SAVE_ON_RESTART="yes"
>
> as well in /etc/sysconfig/iptables-config. Then make all the desired changes
> you
> want in iptables rules and save them (just in case) by
>
> iptables-save > /etc/sysconfig/iptables
>
> Then your rules should survive system reboots.
>
> Filippos
>
No, it gets even worse -- erased all of my settings and put something like:
# Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Thu May 18 14:04:52 2006
# Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
*mangle
:PREROUTING ACCEPT [5249:508453]
:INPUT ACCEPT [5249:508453]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2607:420915]
:POSTROUTING ACCEPT [2608:421173]
COMMIT
# Completed on Thu May 18 14:04:52 2006
# Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
*nat
:PREROUTING ACCEPT [544:96419]
:POSTROUTING ACCEPT [119:9123]
:OUTPUT ACCEPT [119:9123]
COMMIT
# Completed on Thu May 18 14:04:52 2006
in the file /etc/sysconfig/iptables and no port (22, 80, etc.) is open after
reboot.
Hongwei
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
