On Tue, 2007-03-27 at 08:22 +0800, Feizhou wrote:
Preston Crawford wrote:
Does anyone know what is happening? I've tried iptables -save or whatever. Nothing seems to work in getting these ports to be open on reboot.
service iptables save
I did that and it doesn't help. Do you think it has to do with the order in which things happen? i.e. smb starting up after iptables? It would seem other people would have that problem, though, wouldn't they?
Could you post the contents of /etc/sysconfig/iptables after a service iptables save?
I guess if you are thinking that the order of starting up could be the cause of it, then it might be easier if you do a simple hack as follows - it's not the safest way, but heck, I'm hoping it will work for you :)
# iptables -F
# iptables -Z
# service iptables save
# chkconfig iptables on

Put all your iptables rules into a script file

# vi /root/myfirewall.sh

#!/bin/bash
IPTABLES=/sbin/iptables
$IPTABLES -F
$IPTABLES -Z
$IPTABLES -A INPUT -s 192.168.1.1 -j ACCEPT
<or whatever needs to be done>

<save and exit>

# chmod 700 /root/myfirewall.sh

Add the script file into rc.local

# echo "/root/myfirewall.sh" >> /etc/rc.d/rc.local
Every time upon reboot, the rc.local file gets called right at the end, and in that sequence your /root/myfirewall.sh gets called just before the system is ready to accept logins. All other services should have been up and running long before the /root/myfirewall.sh gets called.
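
Added example, not part of the original thread: a way to check what "service iptables save" actually wrote, by asking whether a file in iptables-save format (such as /etc/sysconfig/iptables) holds an ACCEPT rule for a given protocol and port. The function names port_is_saved and write_sample_rules are hypothetical, the sample ruleset is constructed, and the Samba ports 137/udp, 138/udp, 139/tcp and 445/tcp are an assumption about what "smb" needs here.

```bash
#!/bin/bash
# Added example (not from the thread). Only -p, --dport(s) and -j are compared;
# source/interface matches are ignored. Returns 0 = present, 1 = absent,
# 2 = file unreadable.
port_is_saved() {
    local file=$1 proto=$2 port=$3
    [ -r "$file" ] || return 2
    awk -v proto="$proto" -v port="$port" '
        /^\*/     { table = substr($1, 2) }   # "*filter", "*nat", ...
        /^COMMIT/ { table = "" }
        table == "filter" && $1 == "-A" {
            p = ""; ports = ""; target = ""
            for (i = 2; i < NF; i++) {
                if ($i == "-p") p = $(i + 1)
                if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (p != proto || target != "ACCEPT") next
            n = split(ports, list, ",")
            for (k = 1; k <= n; k++) {
                m = split(list[k], r, ":")    # "137:139" is a range
                lo = r[1]; hi = (m == 2) ? r[2] : r[1]
                if (port + 0 >= lo + 0 && port + 0 <= hi + 0) found = 1
            }
        }
        END { exit(found ? 0 : 1) }
    ' "$file"
}

# Constructed sample in iptables-save format: 445/tcp was never saved.
write_sample_rules() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m multiport --dports 137,138 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 139 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}
sample=$(mktemp)
write_sample_rules "$sample"
for pp in udp/137 udp/138 tcp/139 tcp/445; do
    if port_is_saved "$sample" "${pp%/*}" "${pp#*/}"; then s=saved; else s=MISSING; fi
    echo "$pp $s"
done
rm -f "$sample"
```

A port reported MISSING from the saved file means the rule was never persisted, which is a different fault from a startup-ordering problem.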