On Sun Nov 03 2002 at 21:53, w wrote: > and when I set firewall at 'High', I get: > > [root /root]$ cat /etc/sysconfig/iptables > # Firewall configuration written by lokkit > # Manual customization of this file is not recommended. > # Note: ifup-post will punch the current nameservers through the > # firewall; such entries will *not* be listed here. > *filter > :INPUT ACCEPT [0:0] > :FORWARD ACCEPT [0:0] > :OUTPUT ACCEPT [0:0] > :RH-Lokkit-0-50-INPUT - [0:0] > -A INPUT -j RH-Lokkit-0-50-INPUT > -A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT > -A RH-Lokkit-0-50-INPUT -p udp -m udp -s 198.6.1.60 --sport 53 -d 0/0 -j > ACCEPT > -A RH-Lokkit-0-50-INPUT -p udp -m udp -s 198.6.1.70 --sport 53 -d 0/0 -j > ACCEPT > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --syn -j REJECT > -A RH-Lokkit-0-50-INPUT -p udp -m udp -j REJECT > COMMIT > > but, either way, I still don't have the sysconfig/iptables file: > > [root /root]$ cat /etc/sysconfig/iptables > cat: /etc/sysconfig/iptables: No such file or directory > > Is this still a problem? Yes. You need to preserve that filtering state. Do this: # service iptables save and now do: cat /etc/sysconfig/iptables Cheers Tony -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
