On 04/02/2012 05:07 PM, Les Mikesell wrote: > On Sun, Apr 1, 2012 at 12:43 PM, Eero Volotinen <eero.volotinen at iki.fi> wrote: >> 2012/3/30 Les Mikesell <lesmikesell at gmail.com>: >>> What is different about the initial startup of iptables than 'service >>> iptables restart' (and different from C5)? I want to use iptables >>> port redirection to send port 80 to 8080 so a java web service doesn't >>> have to start as root. On C5 it worked to give the iptables >>> commmands, then 'iptables save', and from then on it would >>> automatically work when iptables started after a reboot. With C6, I >>> have the expected entries in /etc/sysconfig/iptables and they are >>> loaded after 'service iptables restart', but the initial startup is >>> doing something else. >> >> You should use mod_proxy instead of iptables redirect? or use >> authbind? (http://en.wikipedia.org/wiki/Authbind) > > The iptables redirect works fine once the commands are loaded. My > problem is just that the boot-time startup isn't loading the saved > state from /etc/sysconfig/iptables, but a subsequent 'service iptables > restart' does - and it is something new in 6.x. > Did you make sure that the service is active and that the iptables service is actually startet on bootup? Try "chkconfig --list iptables" to see if it is active and "chkconfig iptables on" to activate it. Regards, Dennis