/sbin/iptables -L
[root@s-sakai-1 etc]# vi /etc/sysconfig/iptables
# Chuck ports
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8090 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8092 -j ACCEPT
# Lancaster ports
[root@s-sakai-1 etc]# /sbin/service iptables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: [ OK ]
[root@s-sakai-1 etc]#
Grrr - I dislike fancy newfangled things - in BSD 4.3 - we did not have to do this!
-------- Comments -------
Too bad you don't allow comments in your blog. :)
Anyway, I wanted to share an iptables tip - to restart it, it's safer to use iptables-restore:
iptables-restore < /etc/sysconfig/iptables
This will do a syntax check and only reload it if it's correct - useful when hand-editing. The other way could stop the firewall but not bring it back up if the syntax is off.
Mike Osterman
Whitman College
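
The validate-before-load idea from the comment above, as an added example (not from the original post or the commenter): a shell function that parses the file with iptables-restore --test, snapshots the running rules with iptables-save, and only then loads the new ones. The name safe_reload, the default backup path and the IPT_RESTORE / IPT_SAVE overrides are assumptions of this example.

```shell
#!/bin/sh
# Added example: check, back up, then load an iptables rules file.
# IPT_RESTORE / IPT_SAVE can be overridden (assumption of this example)
# so the function can be exercised without root.
IPT_RESTORE="${IPT_RESTORE:-/sbin/iptables-restore}"
IPT_SAVE="${IPT_SAVE:-/sbin/iptables-save}"

# safe_reload RULES_FILE [BACKUP_FILE]
# Returns 0 on success,
#         1 if the file is unreadable or fails the parse check
#           (running firewall is left untouched),
#         2 if the load itself failed and the previous rules were restored.
safe_reload() {
    rules="$1"
    backup="${2:-/root/iptables.rollback}"   # hypothetical default path

    [ -r "$rules" ] || { echo "cannot read $rules" >&2; return 1; }

    # --test parses and constructs the ruleset but does not commit it
    if ! "$IPT_RESTORE" --test < "$rules"; then
        echo "syntax check failed; running firewall left unchanged" >&2
        return 1
    fi

    # Snapshot the running ruleset so a failed load can be rolled back
    "$IPT_SAVE" > "$backup" || { echo "backup failed" >&2; return 1; }

    if ! "$IPT_RESTORE" < "$rules"; then
        echo "load failed; restoring previous ruleset" >&2
        "$IPT_RESTORE" < "$backup"
        return 2
    fi
    return 0
}

# Usage (as root):  safe_reload /etc/sysconfig/iptables
```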