On Tue, 2005-11-01 at 08:38 -0800, Bryan J. Smith wrote: > Preston Crawford wrote: > > What's the canonical way to do this in CentOS/RHEL? I > > know how to do it from the command line, but how to do > > I make a NAT route permanent? > > Tom Brown <tom.brown at goodtechnology.com> wrote: > > rc.local ? > > Actually, for newer kernel 2.4+ Fedora-based distros > (including CentOS 3+), it's recommended you use the "service > iptables save" (or "/etc/init.d/iptables save"). Oh, interesting. > It basically parses the currently configured tables in the > kernel and outputs them (in short-hand form) to the > configuration file /etc/sysconfig/iptables. Okay. > Then configure the iptables script to start at boot for > run-levels 2+. FYI, I'm not sure what happens to any "saved Okay, here you lost me. Are you saying we run /etc/sysconfig/iptables at boot for the various runlevels? > changes" if you re-configure /etc/sysconfig/iptables from the > "Firewall Setup" though. So do that with care. Okay. Thanks. Preston