[CentOS] creating script for init.d

Thu Dec 21 12:48:55 UTC 2006
Morten Torstensen <morten at mortent.org>

Michael Velez wrote:
> CentOS 4.4 already has an iptables script. You should start with that.  Then
> add your customized iptables rules from the command line and once you have
> verified them, save them to /etc/sysconfig/iptables with 'service iptables
> save'.  Are you using your old Fedora iptables script?

I do it differently. I don't trust the "service iptables save" as 
sometimes adding other services will alter the saved data. The Red Hat 
scripts will do that for you to be "helpful".

The best solution (for me) is to create a completely standalone iptables 
configuration script. Then I just hack the default iptables script to 
run that script instead of loading the saved rules.

This leads to the minimum amount of intrusion into the Red Hat setup and 
has not given me any problems when upgrading from RH9 via various RHEL, 
Fedora and now to CentOS4.


//Morten Torstensen
//Email: morten at mortent.org
//IM: Cartoon at jabber.no morten.torstensen at gmail.com

And if it turns out that there is a God, I don't believe that he is evil.
The worst that can be said is that he's an underachiever.
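
A sketch of the kind of standalone iptables configuration script the message describes, as an added example that is not Morten's script or any Red Hat code. The rules, the `SSH_PORT` variable and the `start`/`dry-run` arguments are assumptions chosen for illustration; `dry-run` prints the commands instead of applying them.

```shell
#!/bin/sh
# Standalone firewall script (added example; the ruleset is constructed).
# IPT can be overridden, e.g. IPT="echo iptables", so the commands are
# printed for review instead of touching the kernel tables.
IPT="${IPT:-/sbin/iptables}"
SSH_PORT="${SSH_PORT:-22}"   # assumption: SSH is the only inbound service

# Run one iptables command and report the first failure, so a
# half-applied ruleset is noticed instead of silently left in place.
ipt() {
    $IPT "$@" || { echo "firewall: failed: $IPT $*" >&2; return 1; }
}

apply_firewall() {
    # Fail closed: set default-deny policies before flushing old rules.
    ipt -P INPUT DROP    || return 1
    ipt -P FORWARD DROP  || return 1
    ipt -P OUTPUT ACCEPT || return 1
    ipt -F               || return 1
    ipt -X               || return 1

    # Loopback traffic and replies to connections this host opened.
    ipt -A INPUT -i lo -j ACCEPT || return 1
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT || return 1

    # New inbound SSH; everything else falls through to the DROP policy.
    ipt -A INPUT -p tcp --dport "$SSH_PORT" -m state --state NEW -j ACCEPT || return 1
}

# Does nothing unless asked, so the file can be sourced or inspected safely.
case "${1:-}" in
    start)   apply_firewall ;;
    dry-run) IPT="echo iptables"; apply_firewall ;;
esac
```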