<div>well, I have no choice, i'm "trusting" in service iptables save, but at list my box works!</div>
<div>Merry Christmas and Happy New Year</div>
<div>Cheers!<br><br> </div>
<div><span class="gmail_quote">2006/12/21, Morten Torstensen <<a href="mailto:morten@mortent.org">morten@mortent.org</a>>:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Michael Velez wrote:<br>> CentOS 4.4 already has an iptables script. You should start with that. Then<br>
> add your customized iptables rules from the command line and once you have<br>> verified them, save them to /etc/sysconfig/iptables with 'service iptables<br>> save'. Are you using your old Fedora iptables script?
<br><br>I do it differently. I don't trust the "service iptables save" as<br>sometimes adding other services will alter the saved data. The Red Hat<br>scrips will do that for you to be "helpful".<br>
<br>The best solution (for me) is to create a completely standalone iptables<br>configuration script. Then I just hack the default iptables script to<br>run that script instead of loading the saved rules.<br><br>This leads to the minimum amount of intrusion into the Red Hat setup and
<br>has not given me any problems when upgrading from RH9 via various RHEL,<br>Fedora and now to CentOS4.<br><br>--<br><br>//Morten Torstensen<br>//Email: <a href="mailto:morten@mortent.org">morten@mortent.org</a><br>//IM:
<a href="mailto:Cartoon@jabber.no">Cartoon@jabber.no</a> <a href="mailto:morten.torstensen@gmail.com">morten.torstensen@gmail.com</a><br><br>And if it turns out that there is a God, I don't believe that he is evil.<br>
The worst that can be said is that he's an underachiever.<br>_______________________________________________<br>CentOS mailing list<br><a href="mailto:CentOS@centos.org">CentOS@centos.org</a><br><a href="http://lists.centos.org/mailman/listinfo/centos">
http://lists.centos.org/mailman/listinfo/centos</a><br></blockquote></div><br>