I don't think you can put your variables in the /etc/sysconfig/iptables file. It follows a particular pattern which is not that difficult to learn.
If you want to use variables and stuff, you gotta write your own script file and run it at bootup. I used to do it this way when my firewall rules were less than 50 lines.
Now my firewall rules are more than 500 lines so I edit the /etc/sysconfig/iptables file directly. It is just an efficient way to load the rules through this file.
I see. So if I want to use variables, I need to edit/replace /etc/init.d/iptables then? With my own custom script?
Sounds like I need to brush up on my scripting. :)
Cheers,
Jason
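
One way to combine the two approaches from the first reply, as an added example that is not part of the original thread: a script that keeps the variables and writes the fixed-format rules that /etc/sysconfig/iptables expects, rejecting values that would add extra tokens to a rule. The variable names, addresses, ports and the /tmp path are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): expand shell variables into
# iptables-restore syntax, the format used by /etc/sysconfig/iptables.
# ADMIN_NET, SSH_PORT and WEB_PORTS are constructed sample settings.
ADMIN_NET="${ADMIN_NET:-192.0.2.0/24}"
SSH_PORT="${SSH_PORT:-22}"
WEB_PORTS="${WEB_PORTS:-80 443}"

# A port must be digits only and within 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# A network may only contain digits, dots and a slash (IPv4 CIDR characters).
valid_net() {
    case "$1" in ''|*[!0-9./]*) return 1 ;; esac
}

# Print the complete rule set on stdout; fail without output on a bad value.
render_rules() {
    valid_net "$ADMIN_NET" || { echo "bad ADMIN_NET" >&2; return 1; }
    valid_port "$SSH_PORT" || { echo "bad SSH_PORT" >&2; return 1; }
    for p in $WEB_PORTS; do
        valid_port "$p" || { echo "bad port: $p" >&2; return 1; }
    done

    echo "*filter"
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "-A INPUT -s $ADMIN_NET -p tcp -m tcp --dport $SSH_PORT -j ACCEPT"
    for p in $WEB_PORTS; do
        echo "-A INPUT -p tcp -m tcp --dport $p -j ACCEPT"
    done
    echo "COMMIT"
}

# Typical use as root (not run here): syntax-check before replacing the file.
#   render_rules > /tmp/iptables.new \
#     && iptables-restore --test < /tmp/iptables.new \
#     && install -m 600 /tmp/iptables.new /etc/sysconfig/iptables
```

Because the output is an ordinary rules file, the stock /etc/init.d/iptables script can keep loading it unchanged.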