From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1PhRWG-0006Vg-KZ for garchives@archives.gentoo.org; Mon, 24 Jan 2011 18:52:05 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A47ADE07D5; Mon, 24 Jan 2011 18:50:20 +0000 (UTC) Received: from mail-wy0-f181.google.com (mail-wy0-f181.google.com [74.125.82.181]) by pigeon.gentoo.org (Postfix) with ESMTP id 576FCE07D5 for ; Mon, 24 Jan 2011 18:50:19 +0000 (UTC) Received: by wyf22 with SMTP id 22so5929432wyf.40 for ; Mon, 24 Jan 2011 10:50:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :subject:content-type:content-transfer-encoding; bh=tUUaB4P1140BPGF400nVcNEje1zS5MUrzX23/aVJMVQ=; b=rHpobZAlxemI65lhgE0Mf7AG1vOQ6QRcY3rbPgq4PLfxxKftaTwlY/wMb99+1THT2A 5ESSNhr6TSzlRPx8GhTAvdmdAkEJlmJV9DYDnEpcnTo1ktESqdXe7GFbGzoIAqaj8/9R MnMah0lKGtt0XDFGvXW4uR2+QpCmWgX5tbaao= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; b=dPVMkesrgS5pM3TTomdp4G8EAFVa7vnrsuvq+ITOXL5r19/GwVoMWmMexfu1H5aOxW TIuUvTqhBiqC4QYY3vr3lEsX8tbgBA90O68mlB8K+zCbUo9e1l0ULRsgHbmR5m2VJ+th 2O08+f5UBHu9zaLbCrwMlU4pKAfSHRrDUqXrg= Received: by 10.216.51.130 with SMTP id b2mr4092712wec.42.1295895019248; Mon, 24 Jan 2011 10:50:19 -0800 (PST) Received: from [10.0.0.10] ([88.151.74.229]) by mx.google.com with ESMTPS id 7sm6724289wet.0.2011.01.24.10.50.17 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 24 Jan 2011 10:50:18 -0800 (PST) Message-ID: <4D3DC94F.4020904@gmail.com> Date: Mon, 24 Jan 2011 19:47:43 +0100 From: Jarry User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: [gentoo-user] modifying iptables: how can I prevent locking me out? Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: X-Archives-Hash: 641c330a0fbf1c902b19cbea11db518f Hi, I have to change rather complex iptables rules on server and I do not want to lock me out as this server is about 50 miles away. So how should I do it? I can back up the old rules by running: /etc/init.d/iptables save and it will be saved to /var/lib/iptables/rules-save (some strange format starting with number like [536:119208]) I prepared a script with new (modified) iptables-rules, which I will run in bash. But in case I screw something, how could I force netfilter to load old saved rules, if I for whatever reason do not connect to server (ssh)? Or can I load new iptables-rules for certain time, and then force netfilter to load back the old rules again? Jarry -- _______________________________________________________________ This mailbox accepts e-mails only from selected mailing-lists! Everything else is considered to be spam and therefore deleted.