[CentOS] [CEntOS] - problem with iptables

zGreenfelder zgreenfelder at gmail.com
Thu Oct 10 14:20:16 UTC 2013


On Thu, Oct 10, 2013 at 10:13 AM, Paolo De Michele
<paolo at paolodemichele.it> wrote:

> sorry, but now if I modify /etc/sysconfig/iptables and I add two strings,
> for example:
>
> output omitted
> -----
> -A INPUT -s ddns.no-ip.org -p icmp -j ACCEPT
> -A INPUT -j DROP
> ------
> output omitted
>
> and I do:
>
> service iptables save
> and
> restart my iptables firewall, output iptables -L is:
>
> -A INPUT -j DROP
> -A INPUT -s ddns.no-ip.org -p icmp -j ACCEPT
>
>
> why?


'service iptables save' tells iptables to take what's running in iptables
RIGHT NOW and save it to that file.  so your added lines got overwritten.
so what previous replies have been expecting you to do is
boot up
login as root
start doing your commands e.g. iptables -I INPUT -s 192.168.0.0/16 -i eth0 -j DROP
get all the iptables command entries set to how you want them, check with
iptables -L
then run 'service iptables save'
and reboot just to be sure all your rules got saved and are restored after
a boot. (although it shouldn't technically be required)
-- 
Even the Magic 8 ball has an opinion on email clients: Outlook not so good.
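
An added example, not part of the original post: a check to run before 'service iptables save' that lists the lines in the saved file which the running ruleset lacks, since those are what the save discards. The function names and the sample rule files are constructed for illustration; on a real host the second argument would be a dump produced by iptables-save.

```shell
#!/bin/sh
# Added example (not from the thread): show which lines of the saved rules
# file are missing from the running ruleset, i.e. what a save would discard.

# Normalize an iptables-save style dump: strip [packets:bytes] counters,
# trim whitespace, drop comment and blank lines.
normalize_rules() {
    sed -e 's/\[[0-9]*:[0-9]*\]//' \
        -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
        -e '/^#/d' -e '/^$/d' "$1"
}

# rules_lost_on_save SAVED_FILE RUNNING_DUMP
# Prints each normalized line of SAVED_FILE that RUNNING_DUMP does not contain.
rules_lost_on_save() {
    local saved running rc=0
    saved=$(mktemp) && running=$(mktemp) || return 2
    normalize_rules "$1" > "$saved"
    normalize_rules "$2" > "$running"
    # grep exits 1 when it prints nothing; here that means nothing is lost.
    grep -vxFf "$running" "$saved" || rc=$?
    rm -f "$saved" "$running"
    [ "$rc" -le 1 ]
}

# Constructed sample data modelled on the thread: the file was edited by hand,
# the running ruleset was not changed.
demo() {
    local dir; dir=$(mktemp -d) || return 2
    cat > "$dir/sysconfig-iptables" <<'EOF'
# hand-edited copy of /etc/sysconfig/iptables (constructed)
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s ddns.no-ip.org -p icmp -j ACCEPT
-A INPUT -j DROP
COMMIT
EOF
    cat > "$dir/running.rules" <<'EOF'
# constructed stand-in for: iptables-save
*filter
:INPUT ACCEPT [1523:98211]
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
    rules_lost_on_save "$dir/sysconfig-iptables" "$dir/running.rules"
    rm -rf "$dir"
}
demo
```

The comparison is textual: iptables-save prints a hostname source as the address it resolved to, so a hand-written hostname rule can be reported here even after it has been loaded.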