[CentOS] iptables package issue

Fri Apr 8 20:05:22 UTC 2011
Bowie Bailey <Bowie_Bailey at BUC.com>

On 4/8/2011 4:00 PM, Ned Slider wrote:
> On 08/04/11 20:56, Ned Slider wrote:
>> On 08/04/11 19:49, Joseph L. Casale wrote:
>>> I just did a test install off a netinstall iso to a mirror repo which left
>>> no /etc/sysconfig/iptables file in place.
>>>
>>> So a quick check:
>>> # yum whatprovides /etc/sysconfig/iptables --disablerepo=\* --enablerepo=base --enablerepo=updates --disableplugin=\*
>>> No Matches found
>>>
>>> Without that file iptables doesn't start as per the init script. Anyone
>>> know what may be awry?
>>>
>>> Thanks,
>>> jlc
>>>
>> /etc/sysconfig/iptables is created or owned by any package, it's created
>> by running the iptables-save command. Try running iptables-save.
>>
> Oops, sorry, I meant /etc/sysconfig/iptables *isn't* created or owned by 
> any package.

And since that file contains the rules list for iptables, it doesn't
make sense for iptables to run without it.

Basically, if you want to run iptables, you need to define some rules
first.  Either create the file by hand and then start iptables, or
create the rules in iptables and use "service iptables save" to create
the file.

-- 
Bowie