my iptables setting not loaded after reboot in fc5
Filippos Klironomos
presariod at gmail.com
Thu May 18 19:49:35 UTC 2006
First you should set the iptables rules to what you desire. Then you should
save them with
iptables-save > /etc/sysconfig/iptables
and having set the settings I referred to to "yes", the iptables should
survive after a reboot.
It works perfectly with my system. I think the problem is that you
rebooted/restarted iptables before setting them up, and that's why you don't
get any rules now.
The best way to correct this, I guess, is through the graphical helper: go to
Start->System->Administration->Security Level and Firewall
and change things to your liking over there. Then you will have secure and
functional default iptables that you can tweak around to your liking.
Filippos
On 5/18/06, Hongwei Li <hongwei at wustl.edu> wrote:
>
> > You should also change
> >
> > IPTABLES_SAVE_ON_RESTART="no"
> >
> > to
> >
> > IPTABLES_SAVE_ON_RESTART="yes"
> >
> > as well in /etc/sysconfig/iptables-config. Then make all the desired
> > changes you want in iptables rules and save them (just in case) by
> >
> > iptables-save > /etc/sysconfig/iptables
> >
> > Then your rules should survive system reboots.
> >
> > Filippos
> >
> No, it gets even worse -- erased all of my settings and put something
> like:
>
> # Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> COMMIT
> # Completed on Thu May 18 14:04:52 2006
> # Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
> *mangle
> :PREROUTING ACCEPT [5249:508453]
> :INPUT ACCEPT [5249:508453]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [2607:420915]
> :POSTROUTING ACCEPT [2608:421173]
> COMMIT
> # Completed on Thu May 18 14:04:52 2006
> # Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
> *nat
> :PREROUTING ACCEPT [544:96419]
> :POSTROUTING ACCEPT [119:9123]
> :OUTPUT ACCEPT [119:9123]
> COMMIT
> # Completed on Thu May 18 14:04:52 2006
>
> in the file /etc/sysconfig/iptables and no port (22, 80, etc.) is open
> after reboot.
>
> Hongwei
>
>
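Added example, not part of either poster's message: a shell check for the failure described in the quoted reply, where /etc/sysconfig/iptables ends up holding only empty chains. The function names and the two sample dumps are constructed for illustration.

```shell
# Added example: check an iptables-save dump before trusting it across a reboot.
# Print the number of "-A" rules inside the *filter table of dump file $1.
count_filter_rules() {
    awk '/^\*/     { in_filter = ($0 == "*filter") }
         /^COMMIT/ { in_filter = 0 }
         in_filter && /^-A / { n++ }
         END       { print n + 0 }' "$1"
}

# Print the default policy of the filter INPUT chain, or MISSING.
input_policy() {
    awk '/^\*/     { in_filter = ($0 == "*filter") }
         /^COMMIT/ { in_filter = 0 }
         in_filter && /^:INPUT / { print $2; found = 1 }
         END       { if (!found) print "MISSING" }' "$1"
}

# Return 1 when the dump has no filter rules and an ACCEPT (or absent) INPUT policy.
check_saved_rules() {
    rules=$(count_filter_rules "$1")
    policy=$(input_policy "$1")
    if [ "$rules" -eq 0 ] && { [ "$policy" = "ACCEPT" ] || [ "$policy" = "MISSING" ]; }; then
        echo "WARN: $1: no filter rules, INPUT policy $policy"
        return 1
    fi
    echo "OK: $1: $rules filter rule(s), INPUT policy $policy"
}

# Constructed sample dumps (hypothetical, written to a temp dir).
demo_dir=$(mktemp -d)
cat > "$demo_dir/empty" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
cat > "$demo_dir/good" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
check_saved_rules "$demo_dir/empty" || true
check_saved_rules "$demo_dir/good"
```

Running `check_saved_rules /etc/sysconfig/iptables` right after `iptables-save` and before any reboot or service restart shows whether the file about to be loaded at boot actually contains the intended rules.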