[CentOS] Putting nat routing into place permanently? -- service iptables save

Mon Nov 7 17:14:07 UTC 2005
Les Mikesell <lesmikesell at gmail.com>

On Mon, 2005-11-07 at 04:38, Peter Farrow wrote:
> >It's not the right place for things that need to be adjusted on
> >runlevel changes, although it can be used as a quick fix for
> >not having a proper init script.
> 
> One final point, why would you want to change a firewall on runlevel 
> changes?  On an internet facing machine this would seem an odd and risky 
> thing to do...

The main reason would be so that the settings would be found by
anyone with a sysV background on any machine with a sysV-like
runlevel mechanism.  Even if you only have two states, that's
where someone would look first to find them.  And, it lets you
set it up at the right place during startup.  rc.local is run much
too late to turn on a firewall although if you don't run any other
services or proxies on the machine it might not matter.

-- 
  Les Mikesell
    lesmikesell at gmail.com