Hi,

I have to change rather complex iptables rules on a server and I do not want to lock myself out, as this server is about 50 miles away. So how should I do it?

I can back up the old rules by running:
/etc/init.d/iptables save
and they will be saved to /var/lib/iptables/rules-save (some strange format starting with a number like [536:119208]).

I prepared a script with new (modified) iptables-rules, which I will run in bash. But in case I screw something up, how could I force netfilter to load the old saved rules if I, for whatever reason, do not connect to the server (ssh)? Or can I load the new iptables-rules for a certain time, and then force netfilter to load back the old rules again?

Jarry

--
_______________________________________________________________
This mailbox accepts e-mails only from selected mailing-lists!
Everything else is considered to be spam and therefore deleted.
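
The timed rollback asked about above, sketched as an added example that is not part of the original post: it snapshots the running ruleset, runs the new-rules script, and restores the snapshot unless a confirmation file appears before the timeout. Assumptions: iptables-save and iptables-restore are installed, the rules script runs under sh, and the script name safe-apply.sh and the paths /root/iptables.before and /root/iptables.confirm are made up for illustration.

```shell
#!/bin/sh
# Added example: apply new rules, restore the old ones unless confirmed in time.
# Assumptions: iptables-save/iptables-restore are installed; file names are made up.

# Commands are held in variables so the logic can be tried without root.
: "${SAVE_CMD:=iptables-save}"
: "${RESTORE_CMD:=iptables-restore}"

# apply_with_rollback NEW_RULES_SCRIPT BACKUP_FILE CONFIRM_FILE TIMEOUT_SECONDS
# Returns 0 if the new rules were confirmed, 1 if the old rules were restored,
# 2 if no backup could be taken (nothing is changed in that case).
apply_with_rollback() {
    new_script=$1 backup=$2 confirm=$3 timeout=$4

    rm -f "$confirm"                      # ignore a stale confirmation
    $SAVE_CMD > "$backup" || return 2     # snapshot the running ruleset first

    if ! sh "$new_script"; then           # script failed half-way: undo at once
        $RESTORE_CMD < "$backup"
        return 1
    fi

    echo "New rules loaded. Create $confirm within ${timeout}s to keep them."
    waited=0
    while [ "$waited" -lt "$timeout" ]; do
        [ -e "$confirm" ] && return 0     # operator got back in: keep new rules
        sleep 1
        waited=$((waited + 1))
    done

    $RESTORE_CMD < "$backup"              # nobody confirmed: back to old rules
    return 1
}

# Run only when called with the rules script as argument, e.g.
#   nohup sh safe-apply.sh new-rules.sh 120 &
if [ "$#" -ge 1 ]; then
    apply_with_rollback "$1" /root/iptables.before /root/iptables.confirm "${2:-120}"
fi
```

Starting it under nohup keeps the timer alive if the SSH session is cut off by the new rules. Creating the confirmation file from a second, freshly opened SSH login shows that new connections are accepted, which an already established session does not prove.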