Doubt about the use of additional config file on iptables on FC7.

Vinicius cviniciusm at
Sun Jun 3 20:23:22 UTC 2007


The system-config-securitylevel says I can use an additional config file 
on iptables, more specifically after the defaults. So should myiptables be:
"-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport <a 
port> -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

<a port>  = a port that I want to open.

Must I move the three final lines of iptables to the final of myitables?


More information about the fedora-list mailing list