> > Richard Melville wrote: > > Can anybody tell me what the reason is for not using iptables-save and > > iptables-restore? > > You can use them if you want, but I don't see a use for them unless you > are doing some kind of dynamic control of the tables. It's better if > the admin knows what rules are being used and they can be easily > documented in rc.iptables. > > -- Bruce > > Thanks Bruce, I can see the distinction now. I've created another file for iptables-save which I can use after experimenting dynamically with the iptables command. I can then copy across the relevant parts to the firewall script in /etc/rc.d/rc.iptables.
What I don't understand is: when setting the kernel parameters why enabling or disabling *all* doesn't automatically affect *default*. Also, in the book only *default* is turned off in *accept-redirects* and not *all*, unlike the other parameters. Richard
-- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page