Sounds to me like that "full featured" post-install, post-reboot configure-on-first-time-boot session might be the culprit. After installing with the KS script, boot the system into single user mode, *or* if the post-boot config session is pesky and still starts when you enter single user mode, boot with the install CD into rescue mode and find out if your modifications are there. Cheers, -Tim On Thu, 2003-02-06 at 09:22, Andrew M. Williams wrote: > Tony Nugent wrote: > > On Wed Feb 05 2003 at 09:52, "Andrew M. Williams" wrote: > > > > > >>I added entries to that file during %post, they disappeared on reboot. > > > > RedHat 8.0 > > I've tried the following > > issuing the iptables commands, they run fine. i.e. > iptables -A asdfasdfasdfasdf > and running iptables-save >/etc/sysconfig/iptables > I've also tried doing /etc/init.d/iptables save and service iptables > save all with the same effect > > > Echoing the lines into the /etc/sysconfig/iptables file, first echo > overwrites the next echos all append. > > On reboot after %post has run, everything seems to be the stock iptables > config. Contents of /etc/sysconfig/iptables is totally different than > what I set. > > I'll keep digging. > > - andrew > > > > > > > Disappeared??? Or not enabled at bootup? > > > > It should be trivial to drop a working /etc/sysconfig/iptables file > > into a newly built box, why would it "disappear"? > > > > In %post do a chroot into the new system, run /sbin/chkconfig to > > turn off ipchains and turn on iptables, and perhaps put "alias > > ipchains off" into /etc/modules.conf to make sure that ipchains > > doesn't get in the way. > > > > > >>- andrew > > > > > >>Eric Griffis wrote: > >> > >>>Tuesday, February 4, 2003, 11:29:27 AM, Andrew wrote: > > > > > >>>>Is there a sane way to add iptables rules in the %post section > > > > > >>>Look at /etc/sysconfig/iptables on any redhat box. It's a pretty > >>>straight-forward text file, except for the [..,..] numbers at the > >>>beginning of certain lines. Anybody know what those numbers represent? > >>>I've set them to 0's in the past without noticeable side effects. > >>> > >>>...eric > > > > > > Cheers > > Tony > > > > > > > > _______________________________________________ > > Kickstart-list mailing list > > Kickstart-list@xxxxxxxxxx > > https://listman.redhat.com/mailman/listinfo/kickstart-list > > > > > > > _______________________________________________ > Kickstart-list mailing list > Kickstart-list@xxxxxxxxxx > https://listman.redhat.com/mailman/listinfo/kickstart-list -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Timothy E. Miller voice: (336)758-3257 Parallel Computing Systems Administrator fax: (336)758-7127 Wake Forest University cell: (336)782-6987 Computer Science, Information Systems, Public Health Sciences ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
