On Wed, 2002-07-31 at 16:33, Anthony E. Greene wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 31-Jul-2002/13:06 -0400, "C. Linus Hicks" <[EMAIL PROTECTED]> wrote: > >I took a somewhat heavy handed approach to this. I modified the iptables > >script in /etc/init.d to check for the existence of a shell script I > >wrote to set the rules, and if it exists, run that rather than applying > >the saved rules. Please note that modifications such as this will more > >than likely get lost the next time you upgrade. It is also susceptible > >to updates like initscripts. > > This is why I generally recommend creating a shell script that creates all > firewall rules, then saves them using "service iptables save". You update > the script, run it, and the changes are made and saved. The next time you > reboot and/or restart iptables, the changes created by the custom shell > script are re-applied as part of the normal initscript process.
That doesn't solve the problem when the act of booting may cause a new IP address to be assigned. Linus -- redhat-list mailing list Unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list