>> The first file /etc/sysconfig/ipchains is created/updated automatically by >> lokkit. However, I am quickly finding that lokkit can only provide the > >You may wish to examine the fwbuilder program from fwbuilder.org (I think >its .org)
Thanks, Duncan, took a look at it but it actually made ipchains look easy by comparison :) Also, I do a lot of configuration of security rules from remote (I know, it's dodgy, and I risk locking myself out) - so the GUI is a bit heavyweight. Thanks anyway - I had been wondering if there was an opensource checkpoint-like tool around. Good to know. chas Question still stands, therefore : <snip> In order for my rules to be started at startup time, I could manually edit /etc/sysconfig/ipchains but that's not ideal b/c my changes would be overwritten next time lokkit is run. Seems like I should therefore : 1. Delete /etc/sysconfig/ipchains 2. Remember not to use lokkit any more (or else /etc/sysconfig/ipchains will be recreated) 3. /sbin/ipchains-save > /etc/ipchains.rules 4. Create a new startup script such as /etc/rc.d/S08myipchains which simply does the following : #!/bin/sh ipchains-restore < /etc/ipchains.rules OR : 1. Simply /sbin/ipchains-save > /etc/sysconfig/ipchains 2. Disable the lokkit program. Is this the correct procedure ? </snip> _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
