-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 18-Jul-2002/11:59 +0200, Ximo Llacer <[EMAIL PROTECTED]> wrote:
>It is in "rc.local", IS THAT CORRECT ?

No. In the first place it should be run before the network comes up.
Second, updating the firewall is more work than it should be.

There's a better way to do this.

Each service is started by an initscript at the right time during booting,
and when changing run levels. If you need to run the service in a certain
way, then the best thing to do is to make sure the initscript runs it the
way you want it run. So if you want the iptables service to work a certain
way, then make sure the iptables initscript starts it correctly.

In this case, the iptables initscript gets its settings from
/etc/sysconfig/iptables. That file is in a format that iptables can read,
but it does not contain the same commands as you would type at the command
line.

So create a firewall script in /usr/local/sbin. The last command of the
script should be:

  service iptables save

That saves the settings to /etc/sysconfig/iptables, where they will be run
each time iptables is started. To update your firewall, just edit the
script and run it. The firewall is updated and the rules are automatically
saved for the next reboot or runlevel change.

Tony
- -- 
Anthony E. Greene <mailto:[EMAIL PROTECTED]>
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26  C484 A42A 60DD 6C94 239D
AOL/Yahoo Messenger: TonyG05    HomePage: <http://www.pobox.com/~agreene/>
Linux. The choice of a GNU generation <http://www.linux.org/>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene <mailto:[EMAIL PROTECTED]> 0x6C94239D

iD8DBQE9Nsi/pCpg3WyUI50RAjz+AKCH/923a/uxNPe9xERxNMxZb7e/AgCglC02
2NGxsp+gafM5mNJyF9IDHkA=
=Rxfw
-----END PGP SIGNATURE-----



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
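
The workflow described in the reply above, as an added example that is not part of the original message: a firewall script that loads its rules and runs "service iptables save" only if every rule loaded, so a half-applied rule set is never written to /etc/sysconfig/iptables. The file name, the show/apply arguments, the DRY_RUN and IPT variables, and the rule set itself are assumptions made for illustration.

```shell
#!/bin/sh
# /usr/local/sbin/firewall (hypothetical name). Added example, not the poster's script.
# The rules below are a constructed minimal policy; replace them with your own.
IPT="${IPT:-iptables}"          # assumption: overridable so the script can be tested

# Run one iptables command, or print it when DRY_RUN=1.
rule() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "$IPT $*"
    else
        "$IPT" "$@"
    fi
}

# Load the whole rule set; the && chain stops at the first failing command.
load_firewall() {
    rule -F &&                                  # flush, so re-running is repeatable
    rule -P INPUT DROP &&                       # default-deny inbound
    rule -P FORWARD DROP &&
    rule -P OUTPUT ACCEPT &&
    rule -A INPUT -i lo -j ACCEPT &&            # loopback
    rule -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT &&
    rule -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT   # SSH (example)
}

case "${1:-}" in
    show)
        # Print the commands without touching the running firewall.
        ( DRY_RUN=1; load_firewall )
        ;;
    apply)
        # Last command, as the post says: persist the rules for the initscript,
        # but only when the rule set loaded completely.
        load_firewall && service iptables save
        ;;
    *)
        echo "usage: firewall show|apply" >&2
        ;;
esac
```

Run it with "show" first to review the commands, then "apply" as root; if any rule fails, the saved file from the previous good run is left untouched.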
