Re: my iptables setting not loaded after reboot in fc5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2006-05-18 at 16:51 -0500, Hongwei Li wrote:
> > Here's what I did to insert a rule (using a minimal install of FC4 to set up a
> > subversion server):-
> >
> > To open port 10000 for WebMin without nice graphical tools the following
> > worked for me:-
> >
> > Add accept port 10000 rule to firewall:-
> >
> > Get a list of the current rules
> > iptables -t filter -L --line-numbers
> >
> > Insert the rule before the last rule
> > iptables -I RH-Firewall-1-INPUT 10 -j ACCEPT -p tcp -m state --state
> > NEW --dport 10000
> > there were 10 rules already in use in this case
> >
> > Configure iptables to save rule set upon restart
> > vim /etc/sysconfig/iptables-config
> > replace "no" with "yes" in line
> > IPTABLES_SAVE_ON_RESTART="no"
> >
> > do
> > service iptables restart
> >
> > put
> > IPTABLES_SAVE_ON_RESTART="no"
> > back to "yes"
> >
> > shutdown -r now
> >
> > and
> > iptables -t filter -L --line-numbers
> > to make sure it worked.
> >
> >
> > Any help to you?
> >
> > Dave Fletcher
> >
> 
> I did similar. But, my problem is that no matter what I do (I tested all
> different ways), as long as I put
> IPTABLES_SAVE_ON_RESTART="yes"
> and reboot, then all of my settings are gone.
> 
YES, UNLESS you have put your changes into the running rules before you
do the restart.  That line will force the running rules to overwrite and
delete any changes you have made to /etc/sysconfig/iptables.

> I also tried Firestarter. Strange thing is that I set some ports open from it,
> and restart computer. Then, the iptables settings are the "original output"
> plus whatever I set in firestarter, but the file /etc/sysconfig/iptables goes
> back to "original" -- no port is opened from that file.  So, the firestarter
> saves its setting somewhere else and adds them on top of the "original
> setting".
> 
> Something strange. I don't understand.
> 
> Hongwei
> 

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux