On Sep 13, 2006, at 10:33 AM, Lan Barnes wrote:
I find I am ambivalent about tools like lokkit, which often do what I want but hide what they do.
The file you're looking for is /etc/sysconfig/iptables. (I think Stewart pointed you at an old location.)
All lokkit does is set up the requested rules and then effectively call iptables-save to write the contents out to that file. The /etc/ init.d/iptables script will process the saved rules on startup and shutdown. Since all the config files and arguments are bog-standard iptables fare, feel free to forsake lokkit and fill/edit that file yourself, either by hand or using the iptables tools. (Once you do this, beware not to run lokkit (or system-config-securitylevel) again, as it will clobber your changes.) You may also find /etc/ sysconfig/iptables-config interesting and useful.
Of course it can be painful jumping all the way from a simple GUI tool into the arcane command line world of iptables... so the other choice would be to use something a little friendlier like Shorewall.
-- Joshua Penix http://www.binarytribe.com Binary Tribe Linux Integration Services & Network Consulting -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
