[CentOS] Question about rebooting and iptables rules persisting
Roy Ong
centos-list at royong.com
Tue Mar 27 00:50:02 UTC 2007
On Tue, 2007-03-27 at 08:22 +0800, Feizhou wrote:
> Preston Crawford wrote:
> >>> Does anyone know what is happening? I've tried iptables -save or
> >>> whatever.
> >>> Nothing seems to work in getting these ports to be open on reboot.
> >>>
> >> service iptables save
> >
> > I did that and it doesn't help. Do you think it has to do with the order
> > in which things happen? i.e. smb starting up after iptables? It would seem
> > other people would have that problem, though, wouldn't they?
>
> Could you post the contents of /etc/sysconfig/iptables after a service
> iptables save?
I guess if you are thinking that the order of starting up could be the
cause of it, then it might be easier if you do a simple hack as follows -
it's not the safest way, but heck, I'm hoping it will work for you :)
# iptables -F
# iptables -Z
# service iptables save
# chkconfig iptables on
Put all your iptables rules into a script file
# vi /root/myfirewall.sh
#!/bin/bash
IPTABLES=/sbin/iptables
$IPTABLES -F
$IPTABLES -Z
$IPTABLES -A INPUT -s 192.168.1.1 -j ACCEPT
<or whatever needs to be done>
<save and exit>
# chmod 700 /root/myfirewall.sh
Add the script file into rc.local
# echo "/root/myfirewall.sh" >> /etc/rc.d/rc.local
Every time upon reboot, the rc.local file gets called right at the last
and in that sequence your /root/myfirewall.sh gets called just before
the system is ready to accept logins. All other services should have
been up and running long before the /root/myfirewall.sh gets called.
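
One way to inspect the file that `service iptables save` writes, as an added example that is not part of the original thread: it reports whether an ACCEPT rule for a port was saved at all and whether it sits behind a catch-all REJECT/DROP. The function names, status words and sample ruleset are constructed; it assumes iptables-save format and only looks at explicit --dport/--dports rules.

```shell
#!/bin/sh
# Added example. saved_rule_status FILE CHAIN PROTO PORT prints one of:
#   accept   - an ACCEPT rule for the port comes before any catch-all REJECT/DROP
#   shadowed - the ACCEPT rule is saved, but after a catch-all REJECT/DROP
#   missing  - the chain has no explicit ACCEPT rule for the port
# Only explicit --dport/--dports rules are considered (no port ranges, no
# jumps to user-defined chains, no chain policy).
saved_rule_status() {
    awk -v chain="$2" -v want_proto="$3" -v want_port="$4" '
        $1 == "-A" && $2 == chain {
            target = ""; proto = ""; ports = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-j" && target == "") target = $(i + 1)
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
            }
            # A rule with no match options at all applies to every packet.
            if ($3 == "-j" && (target == "REJECT" || target == "DROP")) blocked = 1
            if (target == "ACCEPT" && proto == want_proto &&
                index("," ports ",", "," want_port ",") > 0) {
                print (blocked ? "shadowed" : "accept"); found = 1; exit
            }
        }
        END { if (!found) print "missing" }
    ' "$1"
}

# Constructed sample in iptables-save format (not taken from the thread).
write_sample() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 445 -j ACCEPT
COMMIT
EOF
}

sample=$(mktemp)
write_sample "$sample"
for port in 22 445 139; do
    echo "tcp/$port: $(saved_rule_status "$sample" INPUT tcp "$port")"
done
rm -f "$sample"
```

Pointing the function at /etc/sysconfig/iptables after a save shows whether the rule reached the file before looking at boot order.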