On Thu, Oct 10, 2013 at 10:13 AM, Paolo De Michele
<paolo@xxxxxxxxxxxxxxxxx>wrote:
> sorry, but now if I modify /etc/sysconfig/iptables and I add two strings,
> per example:
>
> output omitted
> -----
> -A INPUT -s ddns.no-ip.org -p icmp -j ACCEPT
> -A INPUT -j DROP
> ------
> output omitted
>
> and I do:
>
> service iptables save
> and
> restart my iptables firewall, output iptables -L is:
>
> -A INPUT -j DROP
> -A INPUT -s ddns.no-ip.org -p icmp -j ACCEPT
>
>
> why?
'service iptables save' tells iptables to take what's running in iptables
RIGHT NOW and save it to that file. so your added lines got overwritten.
so what previous replies have been expecting you to do is
boot up
login as root
start doing your commands e.g. iptables -I INPUT -s 192.168.0.0/16 -I eth0
-j DROP
get all the iptables command entries set to how you want them, check with
iptables -L
then run 'service iptabels save'
and reboot just to be sure all your rules got saved and are restored after
a boot. (although it shouldn't technically be required)
--
Even the Magic 8 ball has an opinion on email clients: Outlook not so good.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
