On 04/02/2012 05:07 PM, Les Mikesell wrote:
On Sun, Apr 1, 2012 at 12:43 PM, Eero Volotinen eero.volotinen@iki.fi wrote:
2012/3/30 Les Mikesell lesmikesell@gmail.com:
What is different about the initial startup of iptables than 'service iptables restart' (and different from C5)? I want to use iptables port redirection to send port 80 to 8080 so a java web service doesn't have to start as root. On C5 it worked to give the iptables commmands, then 'iptables save', and from then on it would automatically work when iptables started after a reboot. With C6, I have the expected entries in /etc/sysconfig/iptables and they are loaded after 'service iptables restart', but the initial startup is doing something else.
You should use mod_proxy instead of iptables redirect? or use authbind? (http://en.wikipedia.org/wiki/Authbind)
The iptables redirect works fine once the commands are loaded. My problem is just that the boot-time startup isn't loading the saved state from /etc/sysconfig/iptables, but a subsequent 'service iptables restart' does - and it is something new in 6.x.
Did you make sure that the service is active and that the iptables service is actually startet on bootup?
Try "chkconfig --list iptables" to see if it is active and "chkconfig iptables on" to activate it.
Regards, Dennis