[TriLUG] IPTables

[Robert Dale]

On Thu, 2 Jan 2003, Jeff Bollinger wrote:

> I feel like I'm pretty familiar with how to write IPTables rules, but
> I'm a little confused about actually starting my filtering.  I have a
> file called "firewall" in /etc/sysconfig that I think contains some
> rules (this could be residual from some auto-generate scripts I've
> tried).  I've also got /etc/sysconfig/ipchains.  Which one of these do I
> edit?  Once I've written my rules, do I just issue a "service iptables
> start" and they're up and running?

Depends which dist you have.  If it's RH 7.x (and maybe 8.x),
the init scripts will try ipchains first then iptables.  If you want
iptables, you have to disable ipchains: chkconfig --level 2345 ipchains off
stop it first, then rmmod ipchains

Now you can add your iptables rules to /etc/sysconfig/iptables
and restart iptables.

I don't know about other dists.

HTH

-- 
Robert Dale