Timothy Madden
2011-Dec-05 20:32 UTC
[CentOS] How to preserve iptables when running the GUI tool ?
Hello I have set up NAT with iptables for an openvpn connection, so that the VPN server could give VPN clients access to the entire sub-net of the server. The probelm is if I start system-config-securitylevel to say disable the firewall, and then again to enable it, my iptable rules are gone ! I did run `service iptables save` before. Is there something I can do to prevent this ? Is there a gui interface to enable NAT over a VPN connection that cooperates with system-config-network ? Thank you, Timothy Madden
Fajar Priyanto
2011-Dec-05 20:49 UTC
[CentOS] How to preserve iptables when running the GUI tool ?
Dec 6, 2011 4:32 AM Timothy Madden <terminatorul at gmail.com> ??:> Hello > > I have set up NAT with iptables for an openvpn connection, so that the > VPN server could give VPN clients access to the entire sub-net of the > server. > > The probelm is if I start system-config-securitylevel to say disable the > firewall, and then again to enable it, my iptable rules are gone ! > > I did run `service iptables save` before. > > Is there something I can do to prevent this ? Is there a gui interface > to enable NAT over a VPN connection that cooperates with > system-config-network ? >You mean system-config-securitylevel? It's pretty useless. Pls take a look at Fwbuilder.
Les Mikesell
2011-Dec-05 21:00 UTC
[CentOS] How to preserve iptables when running the GUI tool ?
On Mon, Dec 5, 2011 at 2:32 PM, Timothy Madden <terminatorul at gmail.com> wrote:> Hello > > I have set up NAT with iptables for an openvpn connection, so that the > VPN server could give VPN clients access to the entire sub-net of the > server. > > The probelm is if I start system-config-securitylevel to say disable the > firewall, and then again to enable it, my iptable rules are gone ! > > I did run `service iptables save` before. > > Is there something I can do to prevent this ? Is there a gui interface > to enable NAT over a VPN connection that cooperates with > system-config-network ? >Not sure what the GUI tool does (I'd assume it clears iptables if you tell it to disable the firewall...) but 'service iptables save' writes a file named iptables in /etc/sysconfig that you should be able to back up somewhere. However, a normal 'service iptables stop' which will happen in a shutdown/reboot, etc. will also overwrite that file. -- Les Mikesell lesmikesell at gmail.com
Ljubomir Ljubojevic
2011-Dec-05 21:07 UTC
[CentOS] How to preserve iptables when running the GUI tool ?
Vreme: 12/05/2011 09:32 PM, Timothy Madden pi?e:> Hello > > I have set up NAT with iptables for an openvpn connection, so that the > VPN server could give VPN clients access to the entire sub-net of the > server. > > The probelm is if I start system-config-securitylevel to say disable the > firewall, and then again to enable it, my iptable rules are gone ! > > I did run `service iptables save` before. > > Is there something I can do to prevent this ? Is there a gui interface > to enable NAT over a VPN connection that cooperates with > system-config-network ?Just stop the firewall via "service iptables stop" like any service, and start it again in the same manner. -- Ljubomir Ljubojevic (Love is in the Air) PL Computers Serbia, Europe Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman... StarOS, Mikrotik and CentOS/RHEL/Linux consultant