I just recently migrated a system from ipchains to iptables (on RH 7.x). Here's how I saved my iptables to a file and configured the machine to restart with iptables and not ipchains. Here's what I did:
(all steps as root) 1. chkconfig --level 2345 ipchains off 2. service ipchains stop 3. chkconfig --level 2345 iptables on 4. service iptables start 5. iptables -A INPUT -p tcp --syn --destination-port 22 -j ACCEPT 6. ..and so on Once all my chains were loaded I then ran: service iptables save This created my /etc/sysconfig/iptables file. I then restarted with init 6, checked to see what was running (iptables was, ipchains was not) then I port scanned the buggar to see if the ports I expected to have open, and closed, were (and it worked). Hope that helps. Greg On Thu, 02 Jan 2003 15:06:49 -0500 Jeff Bollinger <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I feel like I'm pretty familiar with how to > write IPTables rules, but > I'm a little confused about actually starting > my filtering. I have a > file called "firewall" in /etc/sysconfig that I > think contains some > rules (this could be residual from some > auto-generate scripts I've > tried). I've also got /etc/sysconfig/ipchains. > Which one of these do I > edit? Once I've written my rules, do I just > issue a "service iptables > start" and they're up and running? > > Thanks! > Jeff > - -- > Jeff Bollinger > University of North Carolina > IT Security Analyst > 105 Abernethy Hall > mailto: jeff_bollinger@unc dot edu > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.0 (GNU/Linux) > Comment: Using GnuPG with Mozilla - > http://enigmail.mozdev.org > > iD8DBQE+FJvZvoVlxVBmgsURAkAMAKCUpJjyrodNcqWr2sruBth/bIVGYgCfVWhL > 62AW+L17v6guIiP5XezBBkg= > =lcsd > -----END PGP SIGNATURE----- > > _______________________________________________ > TriLUG mailing list > > http://www.trilug.org/mailman/listinfo/trilug > TriLUG Organizational FAQ: > > http://www.trilug.org/~lovelace/faq/TriLUG-faq.html > _______________________________________________ TriLUG mailing list http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ: http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
