On Tuesday 15 July 2008 16:57, nate wrote:
> > (-A) Appends the new rule at the end of the chain.
> >
> > (-I) will insert it at the beginning when no line number is given.
> >
> > Man iptables for this information
>
> I read the man page and it didn't make sense I guess because my
> rules aren't setup the standard way, I have no idea what line number
> my rules are at. My firewall scripts call iptables explicitly,
> and in some cases the rules are dynamic. Just adapted the same scripts
> over the years from ipfwadm to ipchains to iptables.
While a lot of people use scripts to setup their firewalls I cannot understand
why they do not commit them to the normal config file and use the normal
setup to start/reset/stop their firewall. And I have a reason for saying
this.
If you use the system way to start and stop your firewall and use a script to
setup/test new settings you could save yourself a lot of headaches if you
mess something up in the script and it stops working. You simply restart the
firewall and the original rules are applied from the last time you saved
them.
But everyone has their own way of doing things.
What is easy for one seems like a daunting task.
--
Regards
Robert
Smile... it increases your face value!
Linux User #296285
http://counter.li.org
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
