On Tue, Jan 19, 2010 at 7:31 AM, Kai Schaetzl maillists@conactive.com wrote:
Carlos Santana wrote on Mon, 18 Jan 2010 17:54:51 -0600:
- The wiki page approach is to flush existing rules and then add required rules to iptables. Is it possible to add/append required rules without flushing existing set of rules?
You can add rules on-the-fly at runtime and then use service iptables save to save them. This will be automatically loaded on a service iptables start. But it's harder to maintain as a script of your own. I prefer to write a script, run it (which includes flushing etc.) and when it's ok I save that result.
Kai
Currently my approach is similar to yours, which is shown in the wiki page also.
I didn't get what you mean by 'But it's harder to maintain as a script of your own.' You are also using a script, right? I use git for maintaining versions (not a public repo).
- CS.
-- Get your web at Conactive Internet Services: http://www.conactive.com
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
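As an added example (not code from either poster or from the wiki page), the sketch below plans rule additions against a running ruleset without flushing it: it skips rules that are already present and, where a chain ends in a catch-all REJECT/DROP, inserts before it, because a rule appended after the catch-all would never match. The function names and the sample dump are constructed for illustration, and rule specs are assumed to be written in the normalized form that iptables-save prints.

```shell
#!/bin/sh
# Constructed sample of iptables-save output (not taken from a real host).
sample_dump() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# rule_present DUMP CHAIN SPEC: succeeds if "-A CHAIN SPEC" is already in the dump.
rule_present() {
    printf '%s\n' "$1" | grep -qxF -- "-A $2 $3"
}

# catchall_pos DUMP CHAIN: 1-based position of the first unconditional
# REJECT/DROP rule in CHAIN; prints nothing if the chain has none.
catchall_pos() {
    printf '%s\n' "$1" | grep -- "^-A $2 " |
        awk '$3 == "-j" && ($4 == "REJECT" || $4 == "DROP") { print NR; exit }'
}

# plan_rule DUMP CHAIN SPEC: print the iptables command needed to add the
# rule, or nothing if it already exists. Nothing is executed here.
plan_rule() {
    rule_present "$1" "$2" "$3" && return 0
    pos=$(catchall_pos "$1" "$2")
    if [ -n "$pos" ]; then
        echo "iptables -I $2 $pos $3"   # insert ahead of the catch-all
    else
        echo "iptables -A $2 $3"        # safe to append
    fi
}

# Demo on the constructed dump; on a live host use: dump=$(iptables-save)
dump=$(sample_dump)
plan_rule "$dump" INPUT "-p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT"
plan_rule "$dump" INPUT "-p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT"
```

After reviewing the printed commands, run them as root and persist the result with `service iptables save`, as described in the thread.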