On Fri, 2003-10-31 at 06:25, Gilles Yue wrote: > > What is the difference between saving iptables rules by typing > /sbin/service save and putting it in a script which executes when the > pc is restarted? IMHO this is a personal preference thing. Some people prefer to use the save/restore scripts. Some people (like myself) prefer to write their own shell script. Its all a matter of personal preference. For me, I just find working with a shell script easier. I typically remotely manage my firewalls. I find it easier to vi a file rather than work from the command line (you are also less likely to shoot yourself in the foot by messing up your rules and blocking your remote session. Been there, done that ;-). I also like being able to add in additional functionality like variables, do loops, etc. Your mileage may vary. > Secondly, if you were to put all your firewall rules in a script, > where (on which path) would you put it to have it executed when the > machine reboots. Again this is somewhat personal choice. I create /root/firewall and place all my firewall related scripts in there. You could put it in something like /usr/local/sbin, but now you have a longer path to type (ya I know, I'm *very* lazy ;-) and other unrelated files to contend with in the same directory. HTH, C
