Re: Iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hi Silvio

One general comment - your script uses the iptables command for each
rule - this is extremely inefficient. This is probably not a big deal in
your case but I'll mention it anyway.

Far better way is to output the firewall in the same format as
iptables-save uses, then simply use iptaples-restore to load the
firewall rules - this reads the entire set of rules and ask the kernel
to install them all in one shot. This is essentially just dropping the
'$IPT' part for each rule plus a slightly different way to define chains
and set the default policies.

One way to see the format is simply to use iptables-save on existing
firewall. This is the format used by iptables to save / restore rules.

best

gene



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux