Why dont you do a "chkconfig --level 2345 iptables off"? This should
remove all instances of the startup of iptables.

On Tue, 2002-09-24 at 08:12, Mike Burger wrote:
> Peter:
> 
> The point is that you should not be running the script at boot if you want 
> to save the rules to /etc/sysconfig/iptables, and then have them loaded at 
> boot time.
> 
> There is already an init script in /etc/init.d (and linked in the various 
> /etc/rc.d/rcX.d directories).
> 
> Your best bet is to use your script to generate your firewall, initially, 
> and then use the init script to save the rules to /etc/sysconfig/iptables 
> by issuing the command "service iptables save".
> 
> You can then modify your script when you want to add/remove/modify rules, 
> and then try them out by doing, as root:
> 
> "service iptables stop ; /path/to/firewall.script"
> 
> If the rules didn't work properly, you can then "service iptables restart" 
> and your old rules get read back from /etc/sysconfig/iptables.
> 
> If the rules do work properly, then you should again "service iptables 
> save".
> 
> On Tue, 24 Sep 2002, linux power wrote:
> 
> > I have not said that the script should be saved in
> > /etc/sysconfig/iptables.
> > I said I have a script with the rules that saves it in
> > that file
> > 
> >  --- Peter Robb <[EMAIL PROTECTED]> skrev: > Yes and
> > no Mike.
> > > 
> > > > linux power <[EMAIL PROTECTED]> said:
> > > > > Why doesnt linux load the
> > > /etc/sysconfig/iptables
> > > > > file?
> > > > > I have a shell script I run with the iptables
> > > rules,
> > > > > and they are saved in /etc/sysconfig/iptables
> > > file.
> > > > > But when I restart iptables it dont load the
> > > file.
> > > 
> > > The file saved in /etc/sysconfig/iptables isn't a
> > > script 
> > > file. If you try to put a script file there,
> > > iptables won't 
> > > read it.
> > > It has it's own preferred format, which is what you
> > > see 
> > > after doing the 'service iptables save' command.
> > > Any script file (executable) will need to be
> > > elsewhere.
> > > 
> > > Regards,
> > > Peter
> > > 
> > > 
> > > ----------  Forwarded Message  ----------
> > > 
> > > Subject: Re: Fwd: Re: Why doesnt iptables load the 
> > > /etc/sysconfig/iptables file?
> > > Date: Mon, 23 Sep 2002 16:42:56 -0000
> > > From: "Mike Burger" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > 
> > > What script?  Are you talking about the init script
> > > I
> > >  mentioned, which normally resides in /etc/init.d? 
> > > If so,
> > >  then what I said stands...at boot time,
> > >  /etc/init.d/iptables reads the last saved
> > > configuration
> > >  from /etc/sysconfig/iptables.
> > > 
> > > Peter Robb <[EMAIL PROTECTED]> said:
> > > > Make sure you don't expect BOTH the script and
> > > > /etc/sysconfig/iptables to work together.
> > > > It will depend on which loads first and what each
> > > one
> > > > overwrites.
> > > > Many scripts flush and delete existing chains...
> > > Hmmm?
> > > >
> > > > Regards,
> > > > Peter
> > > >
> > > > ----------  Forwarded Message  ----------
> > > >
> > > > Subject: Re: Why doesnt iptables load the
> > > > /etc/sysconfig/iptables file?
> > > > Date: Tue, 17 Sep 2002 17:50:45 -0000
> > > > From: "Mike Burger" <[EMAIL PROTECTED]>
> > > > To: <[EMAIL PROTECTED]>
> > > >
> > > > How, exactly, are you restarting iptables.
> > > >
> > > > If you "service iptables start", the init script
> > > should
> > > >  read that /etc/sysconfig/iptables file and
> > > implement
> > > > that saved configuration.
> > > >
> > > > linux power <[EMAIL PROTECTED]> said:
> > > > > Why doesnt linux load the
> > > /etc/sysconfig/iptables
> > > > > file?
> > > > > I have a shell script I run with the iptables
> > > rules,
> > > > > and they are saved in /etc/sysconfig/iptables
> > > file.
> > > > > But when I restart iptables it dont load the
> > > file.
> > > > > The permissions for the file is --rw--r--r
> > > > > The permissions was before I changed it --rw--
> > > ---
> > > > > I have checked that the rules are not loaded
> > > with
> > > > > /sbin/iptables -L
> > > > > It worked a few days ago. Is it the cron demon
> > > that
> > > > > change the settings.
> > > > >
> > > > >
> > > > >
> > >
> > ______________________________________________________
> > > > > Se den nye Yahoo! Mail p? http://no.yahoo.com/
> > > > > Nytt design, enklere ? bruke, alltid tilgang til
> > > > > Adressebok, Kalender og
> > > >
> > > > Notisbok
> > > >
> > > > > --
> > > > > redhat-list mailing list
> > > > > unsubscribe
> > > > >
> > >
> > mailto:[EMAIL PROTECTED]?subject=unsubscri
> > > > >be
> > > > >
> > >
> > https://listman.redhat.com/mailman/listinfo/redhat-list
> > > >
> > > > --
> > > > Mike Burger
> > > > http://www.bubbanfriends.org
> > > >
> > > > Visit the Dog Pound II BBS
> > > > telnet://dogpound2.citadel.org, or
> > > >  http://dogpound2.citadel.org:2000
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > > redhat-list mailing list
> > > > unsubscribe
> > > > 
> > > >
> > >
> > mailto:[EMAIL PROTECTED]?subject=unsubscribe
> > > >
> > >
> > https://listman.redhat.com/mailman/listinfo/redhat-list
> > > >
> > > >
> > >
> > -------------------------------------------------------
> > > >
> > > >
> > > >
> > > > --
> > > > redhat-list mailing list
> > > > unsubscribe
> > > >
> > >
> > mailto:[EMAIL PROTECTED]?subject=unsubscribe
> > > >
> > >
> > https://listman.redhat.com/mailman/listinfo/redhat-list
> > > 
> > > --
> > > Mike Burger
> > > http://www.bubbanfriends.org
> > > 
> > > Visit the Dog Pound II BBS
> > > telnet://dogpound2.citadel.org, or
> > >  http://dogpound2.citadel.org:2000
> > > 
> > > 
> > > 
> > > 
> > > --
> > > redhat-list mailing list
> > > unsubscribe
> > > 
> > >
> > mailto:[EMAIL PROTECTED]?subject=unsubscribe
> > > 
> > >
> > https://listman.redhat.com/mailman/listinfo/redhat-list
> > > 
> > >
> > -------------------------------------------------------
> > > 
> > > 
> > > 
> > > -- 
> > > redhat-list mailing list
> > > unsubscribe
> > >
> > mailto:[EMAIL PROTECTED]?subject=unsubscribe
> > >
> > https://listman.redhat.com/mailman/listinfo/redhat-list
> > 
> > ______________________________________________________
> > Se den nye Yahoo! Mail på http://no.yahoo.com/
> > Nytt design, enklere å bruke, alltid tilgang til Adressebok, Kalender og Notisbok
> > 
> > 
> > 
> > 
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
-- 
~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=

Richie Crews

Unix Administrator / Internet Integrator

Email: [EMAIL PROTECTED]

Cell: (706) 773 - 3436
Desk: (706) 634 - 3681
Fax: (706) 634 - 3831

~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to