[plug] Saving iptables?
Fred Janon
fjanon at yahoo.com
Tue Oct 19 18:26:11 WST 2010
Hi,
I changed the iptables on my CentOS install but after rebooting the iptables are not set properly. Looking at /etc/sysconfig/iptables, it seems that they were saved properly. Do I need to change a setting somewhere to get them restored after a reboot?
Thanks
Fred
$ sudo cat /etc/sysconfig/iptables# Generated by iptables-save v1.4.7 on Mon Oct 18 08:43:55 2010*nat:PREROUTING ACCEPT [109:6588]:OUTPUT ACCEPT [124:9172]:POSTROUTING ACCEPT [124:9172]-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080-A OUTPUT -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080COMMIT# Completed on Mon Oct 18 08:43:55 2010
-----------------------------------------------------sudo cat /etc/sysconfig/iptables-config# Load additional iptables modules (nat helpers)# Default: -none-# Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which# are loaded after the firewall rules are applied. Options for the helpers are# stored in /etc/modprobe.conf.IPTABLES_MODULES=""
# Unload modules on restart and stop# Value: yes|no, default: yes# This option has to be 'yes' to get to a sane state for a firewall# restart or stop. Only set to 'no' if there are problems unloading netfilter# modules.IPTABLES_MODULES_UNLOAD="yes"
# Save current firewall rules on stop.# Value: yes|no, default: no# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped# (e.g. on system shutdown).IPTABLES_SAVE_ON_STOP="no"
# Save current firewall rules on restart.# Value: yes|no, default: no# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets# restarted.IPTABLES_SAVE_ON_RESTART="no"
# Save (and restore) rule and chain counter.# Value: yes|no, default: no# Save counters for rules and chains to /etc/sysconfig/iptables if# 'service iptables save' is called or on stop or restart if SAVE_ON_STOP or# SAVE_ON_RESTART is enabled.IPTABLES_SAVE_COUNTER="no"
# Numeric status output# Value: yes|no, default: yes# Print IP addresses and port numbers in numeric format in the status output.IPTABLES_STATUS_NUMERIC="yes"
# Verbose status output# Value: yes|no, default: yes# Print info about the number of packets and bytes plus the "input-" and# "outputdevice" in the status output.IPTABLES_STATUS_VERBOSE="no"
# Status output with numbered lines# Value: yes|no, default: yes# Print a counter/number for every rule in the status output.IPTABLES_STATUS_LINENUMBERS="yes"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20101019/ae0bff34/attachment.html>
More information about the plug
mailing list