search for: s08iptables

Hi All, Was wondering if you could help me out. At work we are running CentOS 4.2 as our mailserver/firewall. The script in question is /etc/rc3.d/S08iptables. As this starts before the network adapters are set up, it hoses our iptables script resulting in denying our internal hosts internet access. What I would like to do is mv the script to /etc/rc3.d/S11iptables so the the interfaces are up and then the iptables script kicks in. It is in this...

...ve" >some one either inadvertantly or otherwise may modify the iptables and >re-issue a "service iptables save" and have it reloaded at boot quite >transparently. >... Visibility aside, isn't rc.local much too late for setting up iptables? My /etc/rc.d/rc3.d/ has an S08iptables and an S10network, then lots more, including an S99local, and then after all this, rc.local is run. By this time, the network has already been up. It seems to me that if you want to do some iptables setup, it must be done before S10network, or it leaves a short-time security hole. Personally, I...

I'm replacing an ancient Solaris 'ipf' firewall/router with a brand new CentOS 6.3 system. In the olden days, I successfully used the attached iptables script (as /etc/rc.local) on Red Hat 5.x systems, but this doesn't seem to be quite working on the new system. Specifically, while it seems to be routing ok, you cannot connect to anything on the inside net (e.g., with ssh or