On Thu, Jun 17, 2010 at 09:34:36AM -0500, Grant Taylor wrote:
> On 06/17/10 03:26, Mamadou Touré wrote:
>> Hi all, I'd like to move a rule to a position.
>> ex: I've these rules:
>> 1- iptable -A -p TCP --dport 80 -j ACCEPT
>> 2- iptable -A -p TCP --dport 21 -j ACCEPT
>> 3- iptable -A -p UDP --dport 53 -j ACCEPT
>>
>> after executing these commands is there a means to move the rule at
>> position 3 to position 1?
>> So that the rule at 1 could go to 2 and 2 to 3.
>
> I think your best bet will be to insert a duplicate of rule 3
> before the current rule #1 and then delete what will become rule
> #4. I.e.:
>
> iptables -I 1 -p UDP --dport 53 -j ACCEPT
> iptables -D 4
>
> Note: I'm used to specifying the chain (FORWARD,INPUT,OUTPUT), so
> I'm not exactly sure how well those rules will work as typed.
> Y.M.M.V.

The chain is mandatory, but as others mentioned, best practice is to
use iptables-save(8)/iptables-restore(8).
-- 
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
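
The iptables-save(8)/iptables-restore(8) route recommended above, as an added example that is not part of the original thread: the rule is reordered in a saved dump, which can then be loaded in one atomic step instead of editing the live chain rule by rule. The helper names `move_rule` and `sample_dump`, the `filter` table, the `INPUT` chain and the sample dump are assumptions made for illustration; the dump is assumed to be taken without `-c` counters.

```shell
#!/bin/sh
# Added example (not from the thread). Hypothetical helper:
#   move_rule TABLE CHAIN FROM TO
# Reads an iptables-save dump on stdin and writes it to stdout with rule
# number FROM of CHAIN moved to position TO. The chain's rules are emitted
# just before the table's COMMIT line; order between different chains does
# not matter to iptables-restore, only the order inside one chain.
move_rule() {
    awk -v table="$1" -v chain="$2" -v from="$3" -v to="$4" '
        BEGIN { from += 0; to += 0 }
        /^\*/ { cur = substr($0, 2) }              # "*filter" starts a table
        cur == table && $1 == "-A" && $2 == chain { rules[++n] = $0; next }
        cur == table && $0 == "COMMIT" {
            if (from < 1 || from > n || to < 1 || to > n) {
                print "move_rule: position out of range (" n " rules)" > "/dev/stderr"
                exit 1                             # COMMIT is never printed
            }
            moved = rules[from]
            if (from > to) for (i = from; i > to; i--) rules[i] = rules[i - 1]
            else           for (i = from; i < to; i++) rules[i] = rules[i + 1]
            rules[to] = moved
            for (i = 1; i <= n; i++) print rules[i]
            done = 1
        }
        { print }
        END { if (!done) exit 1 }                  # table not found or bad index
    '
}

# Constructed sample dump: the three rules from the question, assumed to
# live in the INPUT chain of the filter table.
sample_dump() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
COMMIT
EOF
}

# On a real host (as root), write to a file and check it before loading:
#   iptables-save > rules.old
#   move_rule filter INPUT 3 1 < rules.old > rules.new
#   iptables-restore --test < rules.new && iptables-restore < rules.new
sample_dump | move_rule filter INPUT 3 1
```

Keeping `rules.old` gives a one-command rollback with `iptables-restore < rules.old` if the new order locks something out.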