Dear Karan. ... > So, what I am looking for really is feedback on what people are using in > the wild on multiple machines, and bonus points for people who only use > tools and mechanisms already built into the CentOS [base] repo. We are using Spacewalk to manage /etc/sysconfig/iptables files. The files are version controlled with the integrated config management tool. As SW does not (yet) support depended command execution, we are using remote command execution through osad to reload iptables, afterwards. Testing could be done with Spacewalk's monitoring capabilities or external tools. Best Regards Marcus