my iptables setting not loaded after reboot in fc5

Filippos Klironomos presariod at gmail.com
Thu May 18 19:49:35 UTC 2006


First you should set the iptables rules to what you desire. Then you should
save them with

iptables-save > /etc/sysconfig/iptables

and having set the settings I referred to to "yes", the iptables should
survive after a reboot.
It works perfectly with my system. I think the problem is that you
rebooted/restarted iptables before setting them up, and that's why you don't
get any rules now.

The best way to correct this, I guess, is through the graphical helper: go to
Start->System->Administration->Security Level and Firewall

and change things to your liking over there. Then you will have secure and
functional default iptables that you can tweak around to your liking.

Filippos


On 5/18/06, Hongwei Li <hongwei at wustl.edu> wrote:
>
> > You should also change
> >
> > IPTABLES_SAVE_ON_RESTART="no"
> >
> > to
> >
> > IPTABLES_SAVE_ON_RESTART="yes"
> >
> > as well in /etc/sysconfig/iptables-config. Then make all the desired
> > changes you want in iptables rules and save them (just in case) by
> >
> > iptables-save > /etc/sysconfig/iptables
> >
> > Then your rules should survive system reboots.
> >
> > Filippos
> >
> No, it gets even worse -- erased all of my settings and put something
> like:
>
> # Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> COMMIT
> # Completed on Thu May 18 14:04:52 2006
> # Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
> *mangle
> :PREROUTING ACCEPT [5249:508453]
> :INPUT ACCEPT [5249:508453]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [2607:420915]
> :POSTROUTING ACCEPT [2608:421173]
> COMMIT
> # Completed on Thu May 18 14:04:52 2006
> # Generated by iptables-save v1.3.5 on Thu May 18 14:04:52 2006
> *nat
> :PREROUTING ACCEPT [544:96419]
> :POSTROUTING ACCEPT [119:9123]
> :OUTPUT ACCEPT [119:9123]
> COMMIT
> # Completed on Thu May 18 14:04:52 2006
>
> in the file /etc/sysconfig/iptables and no port (22, 80, etc.) is open
> after reboot.
>
> Hongwei
>
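Added example, not part of the original messages: a shell check that counts the rules in an iptables-save dump, so a dump holding only chain policies (like the one quoted above) is noticed before it replaces /etc/sysconfig/iptables. The function names rule_count, policy_of and safe_save are hypothetical, refusing a dump whose filter table is empty is this example's own policy, and the sample dump is constructed.

```shell
# Added example: inspect an iptables-save dump before trusting it at boot.

# rule_count FILE [TABLE]: print the number of "-A" rule lines in TABLE
# (default: filter). Policy lines such as ":INPUT ACCEPT [0:0]" are not rules.
rule_count() {
    awk -v want="*${2:-filter}" '
        /^\*/     { in_table = ($1 == want) }   # table header: "*filter", "*nat"
        /^COMMIT/ { in_table = 0 }
        in_table && /^-A / { n++ }
        END { print n + 0 }
    ' "$1"
}

# policy_of FILE CHAIN: print the filter-table policy of CHAIN (e.g. INPUT).
policy_of() {
    awk -v chain=":$2" '
        /^\*/ { in_table = ($1 == "*filter") }
        in_table && $1 == chain { print $2; exit }
    ' "$1"
}

# safe_save [DEST]: dump the running rules to a temp file and install it only
# if the filter table has at least one rule, so an empty dump never replaces
# a good saved file. Needs root and the iptables-save binary.
safe_save() {
    dest=${1:-/etc/sysconfig/iptables}
    tmp=$(mktemp) || return 1
    iptables-save > "$tmp" || { rm -f "$tmp"; return 1; }
    if [ "$(rule_count "$tmp")" -eq 0 ]; then
        echo "refusing to save: filter table has no rules" >&2
        rm -f "$tmp"
        return 1
    fi
    cp "$dest" "$dest.bak" 2>/dev/null   # keep the previous file, if any
    cat "$tmp" > "$dest" && rm -f "$tmp" # overwrite in place, keep file mode
}

# Constructed sample: policies only, no rules, as in the quoted message.
sample=$(mktemp)
printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' \
    ':OUTPUT ACCEPT [0:0]' 'COMMIT' > "$sample"
echo "filter rules in sample: $(rule_count "$sample")"
echo "INPUT policy in sample: $(policy_of "$sample" INPUT)"
```

Running rule_count /etc/sysconfig/iptables after a reboot shows at a glance whether the saved file was replaced by an empty ruleset.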