On Tue, Jul 03, 2007, Oded Arbel wrote about "Re: Keeping iptables rules across
reboots on Debian (lenny) ?":
> *) The SysV script offers the option of "save" to call iptables-store
> for you. The standard sysadmin use case would be to setup the needed
> rules, then run '/etc/init.d/iptables save' and then reboot the machine
> and the rules will be loaded automatically.
The practice I recommend is different: don't modify the running iptables
using the "iptables" command at all. If you do that, you risk making mistakes
and having them saved forever, and also some things (involving rule chains,
etc.) are really hard to do this way.
The approach I like better is to edit
/etc/sysconfig/iptables
(this is where Fedora keeps the iptables rules)
using your default editor, taking your time, and when you want to try the
new rules, run
service iptables restart
(the same as /etc/rc.d/init.d/iptables restart).
--
Nadav Har'El | Tuesday, Jul 3 2007, 17 Tammuz 5767
[EMAIL PROTECTED] |-----------------------------------------
Phone +972-523-790466, ICQ 13349191 |Why are you looking down here? The joke
http://nadav.harel.org.il |is above!
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
