Olaf Meeuwissen wrote: > Better yet, forget the whole /etc/default/iptables stuff and set your > firewalling up through appropriate scripts in the > /etc/network/if-*.d/ directories. For an idea on how you could go
Is there any better reason than "forget about it" for your approach? How do you update single rules in running configs? With /etc/init.d/iptables, you make your changes with "iptables ..." and save the whole ruleset with "/etc/init.d/iptables save active". If your're afraid of loosing remote connection while experimenting with rulesets, you may save your working config to a new name and schedule (with cron/at) a "/etc/init.d/iptables load SavedBackupNameblabla" before your start changing anything. It's also easy to have several different iptables setups or versions and backups. How do you achieve this with your solution? I can't see any benefits. -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
