iptables help
Mike Burger
mburger at bubbanfriends.org
Sat May 14 02:07:07 UTC 2005
On Fri, 13 May 2005, Bill Tangren wrote:
> Jessica Zhu wrote:
>> Hi,
>>
>> I tried to customize and set up firewall using iptables on Red Hat
>> Enterprise Linux ES release 3. The file /etc/sysconfig/iptables got edited.
>> After I finished editing, I restarted service using /etc/init.d/iptables
>> restart or service iptables restart. However, though it's got successfully
>> restarted, when I checked the status, none of my editing taking effection.
>> It's weired. For example, the default chain INPUT, OUTPUT and FORWARD all
>> are ACCEPT, down in new iptables I edited, it's like as follows,
>>
>> *filter
>> :INPUT DROP
>> :FORWARD DROP
>> :OUTPUT ACCEPT [0:0]
>>
>> But nothing take effection after iptables got restarted. What happened?
>>
>> Jessica
>>
>
> You need to save the changes:
>
> # service iptables save
>
> before you stop and restart the service.
Actually, that's not right. If he's editing /etc/sysconfig/iptables, and
saving that file, the changes he made are already saved.
Running service iptables save will only cause the system to save the rules
that are already running, in memory.
--
Mike Burger
http://www.bubbanfriends.org
Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org
To be notified of updates to the web site, visit
http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a
message to:
site-update-request at bubbanfriends.org
with a message of:
subscribe
More information about the redhat-list
mailing list