On Wed, 2002-07-31 at 16:33, Anthony E. Greene wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 31-Jul-2002/13:06 -0400, "C. Linus Hicks" <[EMAIL PROTECTED]> wrote:
> >I took a somewhat heavy handed approach to this. I modified the iptables
> >script in /etc/init.d to check for the existence of a shell script I
> >wrote to set the rules, and if it exists, run that rather than applying
> >the saved rules. Please note that modifications such as this will more
> >than likely get lost the next time you upgrade. It is also susceptible
> >to updates like initscripts.
> 
> This is why I generally recommend creating a shell script that creates all
> firewall rules, then saves them using "service iptables save". You update
> the script, run it, and the changes are made and saved. The next time you
> reboot and/or restart iptables, the changes created by the custom shell
> script are re-applied as part of the normal initscript process. 

That doesn't solve the problem when the act of booting may cause a new
IP address to be assigned.

Linus





-- 
redhat-list mailing list
Unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to