Wow i see it is very cool,<div>and now i am starting to use it also :) </div><div>+1 from me too :)</div><div>thanks to every body for all help<br><br><div class="gmail_quote">2010/4/24 Ron Loftin <span dir="ltr"><<a href="mailto:reloftin@twcny.rr.com">reloftin@twcny.rr.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im"><br>
On Fri, 2010-04-23 at 18:16 -0400, Alan McKay wrote:<br>
> Have a look at shorewall (google it) for the best thing I've ever seen<br>
> for managing a Linux firewall<br>
<br>
</div>I agree about Shorewall. I've been using it for several years, and it<br>
does take a lot of the pain out of managing iptables.<br>
<br>
That being said, I will add my voice to the others on this list that<br>
point out that the OP's mods to /etc/sysconfig/iptables are very<br>
dangerous, and indicate a lack of understanding of how iptables and<br>
network security actually operate. Some study of basic principles and<br>
best practices is essential to managing a firewall configuration,<br>
regardless of the tool that is used.<br>
<br>
My $0.02 (US) worth for today.<br>
<div class="im"><br>
><br>
> 2010/4/23 cahit Eyigünlü <<a href="mailto:cahit.eyigunlu@gmail.com">cahit.eyigunlu@gmail.com</a>>:<br>
> > how could i add / remove iptable rules on cet os 5.4 final for tcp / udp<br>
> > base on ports<br>
> ><br>
<br>
</div><font color="#888888">--<br>
Ron Loftin <a href="mailto:reloftin@twcny.rr.com">reloftin@twcny.rr.com</a><br>
<br>
"God, root, what is difference ?" Piter from UserFriendly<br>
</font><div><div></div><div class="h5"><br>
_______________________________________________<br>
CentOS mailing list<br>
<a href="mailto:CentOS@centos.org">CentOS@centos.org</a><br>
<a href="http://lists.centos.org/mailman/listinfo/centos" target="_blank">http://lists.centos.org/mailman/listinfo/centos</a><br>
</div></div></blockquote></div><br></div>