> iptables-save will only output the rules in a way that > iptables-restore will be able to rebuild the rules from. > > If what you want is for these rules to be up when you boot the > machine, what you want is probably "service iptables save", which will > use iptables-save to record these rules to /etc/sysconfig/iptables, > and a script automatically calls iptables-restore to read that file > upon boot. > > > thanks - once added do i need to do anything to make these 'live' ? I imagine that a iptables restart will cut off current connections ? Is there not a 'reload' or similar? thanks