[ltp] about iptables ??

Tod Harter linux-thinkpad@linux-thinkpad.org
Mon, 25 Aug 2003 15:29:59 -0400 

iptables itself is a kernel facility and corresponding user space tools, so it 
doesn't store data itself anywhere, you just run iptables commands to set up 
the running state of your kernel.

Mandrake/Red Hat created an 'iptables service', which you can manage using 
chkconfig --list iptables (any normal service manipulating interface, there 
are dozens...). The service init service for iptables reads the file 
/etc/sysconfig/iptables which must be in the format supplied by the command 
iptables-save (you can generate it with 'service iptables save' I believe if 
you're root). 

So, to set up some firewall rules that always get set up when you boot

install the iptables RPM if its not already installed

chkconfig iptables on
(use iptables commands to set up your configuration)
service iptables save
(you may need to tweak the /etc/sysctl.conf)

Now when you boot your rules should automagically be restored.

So the short answer is /etc/sysconfig/iptables

Generally most of your systems configuration is going to be in /etc/sysconfig

On Monday 25 August 2003 02:41 pm, James Mckenzie wrote:
> Where are the rules for iptables kept?  I want to look at those on my
> Linux equipped Thinkpad.
>
> James McKenzie
>
> Dan Sawyer wrote:
> > Frank,
> >
> > If you search around you may find his web site; I have lost the link.
> > He offered a package to configure ipchains. I am using it and it seems
> > to work great.
> >
> > I have not converted it to tables yet. If there is a tool to to that I
> > would appreciate a pointer.
> >
> > Dan
> >
> > Brian Allbee wrote:
> >>If you have the money and inclination, you might also take a look at
> >>"Linux Firewalls" (Ziegler, Constaintine). I can't vouch for the latest
> >>edition personally, but the first edition (predating iptables) was
> >>extremely thorough about how to set up a nice, tight firewall with
> >>ipchains (and converting those rules to iptables, while a bit tedious,
> >>is not difficult).
> >>
> >>On Sun, 2003-08-24 at 23:55, Burcu Yasuk wrote:
> >>>Hello All,
> >>>
> >>>I need a document about how iptables work on mandrake 9.1 and how I can
> >>>activate and install rules with iptablesAnyone can help me ?
> >>>
> >>>Best regards,----------------------------------------------------------
> >>>--
> >>>
> >>>-----------------------------------------
> >>>Thought for the Moment:
> >>>The computer can't tell you the emotional story.  It can give you the
> >>> exact mathematical design, but what's missing is the eyebrows.
> >>>- Frank Zappa
> >>>
> >>>This quote was generated randomly.
> >>>If it offends, please blame my computer!
> >>>----------------------------------------
> >>>Brian D. Allbee
> >>>inimicus@chisp.net
> >>>(303) 988-4150

-- 
Giant Electronic Brain
Internet/E-Commerce Consulting Services