[CentOS] selinux & iptables

Tue Aug 30 19:10:58 UTC 2011
m.roth at 5-cent.us <m.roth at 5-cent.us>

Michael D. Berger wrote:
> In setting up my new CentOS 6 laptop, I replaced
> /etc/sysconfig/iptables with my own, very restrictive
> version.  I then tried to restart the iptables daemon,
> but it reported that my new iptables was unreadable.
> On a guess, I disabled selinux, and my problem was
> solved.  Later, I re-enabled selinux and on reboot, it
> had to go through a very long setup procedure.
>
> Is there something better I could have done when
> replacing iptables, so that I would not have to
> disable selinux?

ll -Z /etc/sysconfig/iptables.orig
Look at the results, then
chcon or semanage to change
/etc/sysconfig/iptables.michael to match.

        mark "or disable selinux"
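
The label comparison suggested in the reply above, as an added example that is not part of the original thread: it pulls the SELinux context out of `ls -Z` output, compares the type fields, and relabels with `chcon --reference` only when they differ. The two sample `ls -Z` lines and the types in them (system_conf_t, user_home_t) are constructed for illustration, and the function names are hypothetical.

```sh
#!/bin/sh
# Constructed sample `ls -Z` lines (CentOS 6 style). The types are assumed
# for illustration; they are not taken from the thread.
REF_LINE='-rw-------. root root system_u:object_r:system_conf_t:s0 /etc/sysconfig/iptables.orig'
NEW_LINE='-rw-------. root root unconfined_u:object_r:user_home_t:s0 /etc/sysconfig/iptables.michael'

# Print the SELinux context (user:role:type[:level]) found in one `ls -Z` line.
# Prints nothing when the file is unlabeled (ls shows "?").
context_of() {
    printf '%s\n' "$1" | awk '{
        for (i = 1; i <= NF; i++)
            if ($i ~ /^[A-Za-z0-9_]+:[A-Za-z0-9_]+:[A-Za-z0-9_]+(:.*)?$/) { print $i; exit }
    }'
}

# Print only the type field, the part the targeted policy bases its decisions on.
type_of() { context_of "$1" | cut -d: -f3; }

# Return 0 when both lines carry the same type, 1 when they differ,
# 2 when either line has no parseable context.
same_type() {
    _a=$(type_of "$1"); _b=$(type_of "$2")
    [ -n "$_a" ] && [ -n "$_b" ] || return 2
    [ "$_a" = "$_b" ]
}

# On a live SELinux host (as root): give TARGET the same context as REFERENCE,
# but only when the types do not already match.
relabel_like() {
    _ref=$1; _target=$2
    if same_type "$(ls -Zd "$_ref")" "$(ls -Zd "$_target")"; then
        echo "types already match: $(type_of "$(ls -Zd "$_target")")"
    else
        chcon --reference="$_ref" "$_target"
    fi
}

# Offline demonstration on the constructed lines.
echo "reference: $(type_of "$REF_LINE")  new file: $(type_of "$NEW_LINE")"

# Usage on the host from the thread:
#   relabel_like /etc/sysconfig/iptables.orig /etc/sysconfig/iptables.michael
```

A label set with chcon does not survive a full filesystem relabel unless the policy's file-context rules agree with it, which is what the semanage option in the reply addresses.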