On Wednesday, October 12, 2011, Christopher Howard elucidated thus:
> On 10/12/2011 12:39 AM, Joshua J. Kugler wrote:
> > On Tuesday, October 11, 2011, Christopher Howard elucidated thus:
> >> The official community doc just says to use the
> >> iptables-save command, but I think that only drops the rules to
> >> STDOUT.
> >
> > Right, which dumps them in a format that can then be fed to
> > iptables- restore. That's exactly the way you want to save them.
> > Where/how would you save them otherwise?
> >
> > j
>
> Right, that is of course the mechanism used to save and restore. But
> of course someone has to decide where the data is saved to and
> restored from, and during what part of the boot process this
> happens. Presumably this would be done by an init script, but I
> cannot find an init script named "iptables", so I am wondering if I
> need to add one myself, or if it has a different name, or...?
>
> Furthermore, I am wondering: if I can find no "iptables" init script,
> how do I even control whether or not the iptables service is starting
> at boot?
Ah, I see what you mean now. I've never started/stopped iptables at
boot/shutdown. I've always used a higher-level interface, shut as
Shorewall.
What distribution are you using? One a RHEL5 system I admin, there is
an 'iptables' script in /etc/init.d, owned by the iptables package. The
debian package does not seem to have this. But even the RHEL init
script does not seem to use iptables-save/restore.
j
-- Joshua Kugler Part-Time System Admin/Programmer http://www.eeinternet.com - Fairbanks, AK PGP Key: http://pgp.mit.edu/ ID 0x73B13B6A --------- To unsubscribe, send email to <aklug-request@aklug.org> with 'unsubscribe' in the message body.Received on Wed Oct 12 10:55:33 2011
This archive was generated by hypermail 2.1.8 : Wed Oct 12 2011 - 10:55:33 AKDT