set up NAT (network address translation) on local server
Bill Davidsen
davidsen at tmr.com
Mon Nov 24 22:14:19 UTC 2008
Tim wrote:
> On Fri, 2008-11-21 at 10:17 -0800, Rick Stevens wrote:
>> In /etc/sysconfig/iptables-config, if you change the following lines
>> to these:
>>
>> IPTABLES_SAVE_ON_STOP = "yes"
>> IPTABLES_SAVE_ON_RESTART = "yes"
>>
>> (by default they're set to "no"), you will cause the system to run
>>
>> iptables-save >/etc/sysconfig/iptables
>>
>> when "system iptables stop|restart" is run ("restart" is really a
>> "stop" followed by a "start"). This will save any changes made to the
>> running rules by the iptables command before iptables is actually
>> stopped.
>
> I'm curious why the rules aren't saved when you set them. Surely that's
> the time to commit them to file? Not when starting/stopping/restarting
> the iptables service.
>
No, the time to save them is after you test your changes and they work.
--
Bill Davidsen <davidsen at tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
More information about the fedora-list
mailing list