From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.43)
	id 1E8VwX-00002a-TK
	for garchives@archives.gentoo.org; Fri, 26 Aug 2005 04:35:54 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j7Q4WkaO032526;
	Fri, 26 Aug 2005 04:32:46 GMT
Received: from mail.bway.net (xena.bway.net [216.220.96.26])
	by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j7Q4Oxrv031341
	for <gentoo-user@lists.gentoo.org>; Fri, 26 Aug 2005 04:24:59 GMT
Received: (qmail 87438 invoked by uid 0); 26 Aug 2005 04:26:19 -0000
Received: from unknown (HELO ida.bway.net) (216.220.96.4)
  by smtp.bway.net with (EDH-RSA-DES-CBC3-SHA encrypted) SMTP; 26 Aug 2005 04:26:19 -0000
Date: Fri, 26 Aug 2005 00:22:46 -0400 (EDT)
From: "A. Khattri" <ajai@bway.net>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] iptables
In-Reply-To: <01a201c5a9ec$cd7155e0$0501a8c0@croatus>
Message-ID: <Pine.BSO.4.58.0508260016530.23087@ida.bway.net>
References: <01a201c5a9ec$cd7155e0$0501a8c0@croatus>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Archives-Salt: 1b303be6-45b8-429d-beaa-783d57140f16
X-Archives-Hash: 1ae0fcb34acd4c5089953e9ba0ca4dc4

On Thu, 25 Aug 2005, John Dangler wrote:

> I'm reading through the wiki doc on setting up iptables.  There is a section
> there that sets up a file called firewall.sh
> i've emerged iptables, but I don't have a file by that name on the system,

Probably a script the wiki author created perhaps...

> and it seems that running "/etc/init.d/iptables save" writes this file as
> /var/lib/iptables/rules-save.

That's right.

> Is there a specific directory where this file
> should be written so that running "/etc/init.d/iptables save" can see it?
> Or can the rules-save file be edited and re-written? (It seems as though
> running "/etc/init.d/iptables save" would just over-write rules-save).

That's right it does.

There's nothing stop you editing /var/lib/iptables/rules-save but be aware
that the init scripts might overwrite those changes if iptables has been
started. (The init script also support a "reload" option which looks like
it flushs all the rules without saving them first and then loads them
again from /var/lib/iptables/rules-save - this might be useful for you).


-- 

-- 
gentoo-user@gentoo.org mailing list