well, I have no choice, i'm "trusting" in service iptables save, but at list my box works!
Merry Christmas and Happy New Year
Cheers!
2006/12/21, Morten Torstensen <morten@xxxxxxxxxxx>:
Michael Velez wrote:
> CentOS 4.4 already has an iptables script. You should start with that. Then
> add your customized iptables rules from the command line and once you have
> verified them, save them to /etc/sysconfig/iptables with 'service iptables
> save'. Are you using your old Fedora iptables script?
I do it differently. I don't trust the "service iptables save" as
sometimes adding other services will alter the saved data. The Red Hat
scrips will do that for you to be "helpful".
The best solution (for me) is to create a completely standalone iptables
configuration script. Then I just hack the default iptables script to
run that script instead of loading the saved rules.
This leads to the minimum amount of intrusion into the Red Hat setup and
has not given me any problems when upgrading from RH9 via various RHEL,
Fedora and now to CentOS4.
--
//Morten Torstensen
//Email: morten@xxxxxxxxxxx
//IM: Cartoon@xxxxxxxxx morten.torstensen@xxxxxxxxx
And if it turns out that there is a God, I don't believe that he is evil.
The worst that can be said is that he's an underachiever.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
