[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: set up NAT (network address translation) on local server



Tim wrote:
On Fri, 2008-11-21 at 10:17 -0800, Rick Stevens wrote:
In /etc/sysconfig/iptables-config, if you change the following lines
to these:

        IPTABLES_SAVE_ON_STOP = "yes"
        IPTABLES_SAVE_ON_RESTART = "yes"

(by default they're set to "no"), you will cause the system to run

        iptables-save >/etc/sysconfig/iptables

when "system iptables stop|restart" is run ("restart" is really a
"stop" followed by a "start").  This will save any changes made to the
running rules by the iptables command before iptables is actually
stopped.

I'm curious why the rules aren't saved when you set them.  Surely that's
the time to commit them to file?  Not when starting/stopping/restarting
the iptables service.

No, the time to save them is after you test your changes and they work.

--
Bill Davidsen <davidsen tmr com>
  "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]