edit iptables manually

General Discussion of atomic repo and development projects.

Ask for help here with anything else not covered by other forums.
BruceLee
Forum Regular
Forum Regular
Posts: 879
Joined: Sat Mar 28, 2009 6:58 pm
Location: Germany

edit iptables manually

Unread post by BruceLee »

How do I stop system-config-securitylevel from writing the iptables config?
I want to write the iptables on my own and make the rules persistent after a reboot.
Right now system-config-securitylevel is poking in the config which is really annoying.
There must be a simple way to achieve this. Unfortunately I can't find it.
I can't imagine Redhat hasn't thought about that.

or is it a plain "yum remove system-config-securitylevel-tui" which will remove firstboot-tui too?

Thanks a lot
breun
Long Time Forum Regular
Long Time Forum Regular
Posts: 2813
Joined: Sat Aug 20, 2005 9:30 am
Location: The Netherlands

Re: edit iptables manually

Unread post by breun »

system-config-securitylevel isn't actively rewriting your firewall, it's just that on boot the saved rules get restored and those happen to be the rules generated by system-config-securitylevel in your case. Uninstalling that tool isn't going to change what rules get loaded at boot time.

You can just modify your iptables rules and execute 'service iptables save' to persist the current rules and those will get loaded again after a reboot.

You could also manually edit /etc/sysconfig/iptables (that is where the rules get saved) and run 'service iptables restart' to activate them if you like.
Lemonbit Internet Dedicated Server Management
BruceLee
Forum Regular
Forum Regular
Posts: 879
Joined: Sat Mar 28, 2009 6:58 pm
Location: Germany

Re: edit iptables manually

Unread post by BruceLee »

Thanks breun,

so if no one is using system-config-securitylevel-tui nothing will be overwritten at any time and the iptbales config I have made and saved will stay vali, even after reboot?
Thanks a lot for your quick help.
breun
Long Time Forum Regular
Long Time Forum Regular
Posts: 2813
Joined: Sat Aug 20, 2005 9:30 am
Location: The Netherlands

Re: edit iptables manually

Unread post by breun »

BruceLee wrote:so if no one is using system-config-securitylevel-tui nothing will be overwritten at any time and the iptbales config I have made and saved will stay vali, even after reboot?
After you modify your rules you do need to run 'service iptables save' or the new rules won't be saved for the next startup.
Lemonbit Internet Dedicated Server Management
BruceLee
Forum Regular
Forum Regular
Posts: 879
Joined: Sat Mar 28, 2009 6:58 pm
Location: Germany

Re: edit iptables manually

Unread post by BruceLee »

Thanks a lot
Post Reply