[BlueOnyx:08663] iptables Revisited
Mike
sunlist at yahoo.com
Wed Sep 28 11:24:04 -05 2011
Just an FYI -
I was looking to modify /etc/sysconfig/iptables and searched through the list and saw the post, with title "/tec/mail/access," which got me looking at the /etc/cron.hourly/log_traffic file.
Long story short, if you want to modify your firewall and allow the hourly script to continue to run, simply edit the file and add your own iptables rule(s) right above the line below. Notice in the example, you have to >> $FWCONFIGFILE for each line, i.e. append. The COMMIT needs to be the last line, so any modifications need to go above it.
Example:
echo '-A acctin -m state --state NEW -m tcp -p tcp --source x.x.x.x --dport 22 -j ACCEPT' >> $FWCONFIGFILE
echo 'COMMIT' >> $FWCONFIGFILE
Hope the above helps...
-- Mike
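
Added example, not part of the original post or of the BlueOnyx log_traffic script: a small check that a generated rules file still has every rule inside a "*table ... COMMIT" block with COMMIT as the last line, which is the ordering the post describes. The sample file contents (the *filter header, the acctin chain declaration, the 192.0.2.10 address) and the function name check_fwconfig are constructed for illustration.

```shell
#!/bin/sh
# check_fwconfig FILE
# Exit 0 if every rule line sits inside a "*table ... COMMIT" block and
# COMMIT is the last meaningful line; otherwise print the reason and exit 1.
check_fwconfig() {
    awk '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        { last = $0 }                           # remember last meaningful line
        /^\*/ {                                 # table header, e.g. *filter
            if (in_table) { print "line " NR ": table opened before COMMIT"; bad = 1 }
            in_table = 1; next
        }
        $0 == "COMMIT" {
            if (!in_table) { print "line " NR ": COMMIT without a table"; bad = 1 }
            in_table = 0; next
        }
        !in_table { print "line " NR ": outside any table: " $0; bad = 1 }
        END {
            if (in_table)         { print "missing final COMMIT"; bad = 1 }
            if (last != "COMMIT") { print "last line is not COMMIT"; bad = 1 }
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample, built by appending with >> as in the post.
FWCONFIGFILE=$(mktemp)
echo '*filter' >> "$FWCONFIGFILE"
echo ':acctin - [0:0]' >> "$FWCONFIGFILE"
echo '-A acctin -m state --state NEW -m tcp -p tcp --source 192.0.2.10 --dport 22 -j ACCEPT' >> "$FWCONFIGFILE"
echo 'COMMIT' >> "$FWCONFIGFILE"
check_fwconfig "$FWCONFIGFILE" && echo "OK: custom rule is above COMMIT"

# A rule appended after COMMIT (the mistake the post warns about) is flagged.
echo '-A acctin -m tcp -p tcp --dport 25 -j ACCEPT' >> "$FWCONFIGFILE"
check_fwconfig "$FWCONFIGFILE" || echo "rejected: rule placed after COMMIT"
rm -f "$FWCONFIGFILE"
```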