[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: my iptables setting not loaded after reboot in fc5



First you should set the iptables rules to what you desire. Then you should save them with

iptables-save > /etc/sysconfig/iptables

and having set the settings I refered to to "yes", the iptables should survive after a reboot.
It works perfectly with my system. I think the problem is that you rebooted/restarted
iptables before setting them up, and that's why you don't get any rules now.

The best way to correct this I guess is through the graphical helper go to
Start->System->Administration->Security Level and Firewall

and change things to your liking over there. Then you will have secure and functional
default iptables that you can tweak around to your liking.

Filippos


On 5/18/06, Hongwei Li <hongwei wustl edu> wrote:
> You should also change
>
> IPTABLES_SAVE_ON_RESTART="no"
>
> to
>
> IPTABLES_SAVE_ON_RESTART="yes"
>
> as well in /etc/sysconfig/iptables-config. Then make all the desired changes
> you
> want in iptables rules and save them (just in case) by
>
> iptables-save > /etc/sysconfig/iptables
>
> Then your rules should survive system reboots.
>
> Filippos
>
No, it gets even worse -- erased all of my settings and put something like:

# Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Thu May 18 14:04:52 2006
# Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
*mangle
:PREROUTING ACCEPT [5249:508453]
:INPUT ACCEPT [5249:508453]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2607:420915]
:POSTROUTING ACCEPT [2608:421173]
COMMIT
# Completed on Thu May 18 14:04:52 2006
# Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
*nat
:PREROUTING ACCEPT [544:96419]
:POSTROUTING ACCEPT [119:9123]
:OUTPUT ACCEPT [119:9123]
COMMIT
# Completed on Thu May 18 14:04:52 2006

in the file /etc/sysconfig/iptables and no port (22, 80, etc.) is open after
reboot.

Hongwei

--
fedora-list mailing list
fedora-list redhat com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]