Hello,
My OS id suse 11.0. I`ve noticed that after a very small periods of time ( ~days) my iptables reinitialize since all changes I made in the INPUT chain disappear. Obviously I did not switch of my computer between the checks.
Do you have any ideas on how to disable that?
Thank you for your time.
Dimitry
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
If you want changes to be persistent you should set them in Yast under
Yast: Security and Users: Firewall. With that done regardless of if the
firewall is brought up or taken down it will have the settings you desire.
Otherwise the firewall is only changed during startup/shutdown and also
probably if you change networks (wireless, for example).
Good luck.
genesup wrote:
> Hello,
>
> My OS id suse 11.0. I`ve noticed that after a very small periods of
> time ( ~days) my iptables reinitialize since all changes I made in the
> INPUT chain disappear. Obviously I did not switch of my computer between
> the checks.
>
> Do you have any ideas on how to disable that?
>
> Thank you for your time.
> Dimitry
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKKlCTAAoJEF+XTK08PnB5hQMQAI65av33CRrmXvZ3YIHk+bt3
kkcUf8kW4fIgnkFQFrU1WjdqJU2UVGe/uGs9e6rjNxW1O/O00800ZXgWcv3aPs1Y
Y0scGkf6oo0Em+FMUKpCQ+1xDYuD1ssNkfpWsWDTa0z1wj2VGKxH245s78GestnA
nehEZzo9ApnNv1vk9ZSs7pUDFmp1k/MCwRXBMtJ3eMOqbdJUpdNVm5eQFKiJYElQ
FiP+sDlDpVLzody1t9Kh91aQ0a1UYaP6rpPsFM/1nh4hNnp0JBueC9P+rT0aleE7
+mjpTojhEu/nhiIk0x8N0YgYcjzoeG0yo9DkA3LuDk/4Z3UvtXieu6JlBonKPrEd
AawqlrwdEupCIZc1bnRN/iIubYY9UKrrsCVYIbEK9iEBOgZRLSNkIcLJM5vICoeT
JRhYYZ+USCkdLe32nZoVjDQ69sHhXJM7IxNP/ZpkkoziV4gV4EWbRMX/RFs4ymx/
XobGkt0JZg7jQxdUPR/SkPMRW1IxvEZxX2lS0HGBsCX+jPMLuX6nKj1+j6qROu7r
0aGBR8JTQHt2l7ooviiSOU8PcMfquC0k04j+qY/0cFnv35nE+2UfhAVYE+XJ3ugM
sZIMoSFzlxIIzcJPxvAoX1ufi8MhCmXXKUHPjY464jcXW1f/PYSpMOLARMOhQHDu
uQtzp3MtRiakA3YRhtvD
=yrAK
-----END PGP SIGNATURE-----
Thank you for the tip.
The problem is that I use a script to edit iptables to block ips that try to pick up my password. How could I communicate with iptables via yast using a script? Is this a straightforward task?
Thanks!
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Yast stores its information in /etc/sysconfig/SuSEfirewall2 and similar
files so you could have your script modify those files explicitly and then
any reinitialization of the firewall would go that route. If you have the
default firewall completely disabled (and by that I mean you have disabled
the SuSEfirewall2 service and replaced it with your own calls to
‘iptables’ (NetFilter) so it’s the same firewall but now it’s your own
control of it) I don’t know why you would be seeing what you are seeing
necessarily.
Good luck.
genesup wrote:
> Thank you for the tip.
>
> The problem is that I use a script to edit iptables to block ips that
> try to pick up my password. How could I communicate with iptables via
> yast using a script? Is this a straightforward task?
>
> Thanks!
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIcBAEBAgAGBQJKKmZ9AAoJEF+XTK08PnB5QAwQALRDBphPMPt3bJshYf4aR7lm
SsY1zq4Ewpm1U8UrU5HKAtnH/vDNE/0MXnRwd2Xke7QuzVjMPRtySZ5196Bkf9dj
mSNSdEFK6h3mqJd1kaxJB4r1+bRm8BM+s+IoBWbFomLv9N/tnfXeeFwvzue9apPT
1rNhB/aJxL0VrxJGmvKTfXsC+kGqjO/6qi6dv5KEW0+16FBpPjkiMSPFymPCoBxM
/UzL04U5+b6iRZPqrVtuC+CTgwddeZa3EfGnNq7FCNE5+sj6JCo6qP3kiw2O5V4d
5xdpCEY+sypao93TBiQh4IFcRAAP9yWNH2341Vl6hnThtmY8oBtlBYC+5Kk9azER
os+jSo1/xC12lurt8pthUmYZ5Gb1wewUiYEOwuaeN0VdF0uJ4X1AytEjA+i+kmIN
eb+rnvR23fZWoB6gfTEJD+/914xuCZ04fleOY7g9Dub0FF91UM6aJzxctxE5CWQs
40kaY/MSKTeUdMr6gONMQBtWclgPf/L59CeKz+juhfAXMThut937HyzunaIMs3DE
7y7xGpUymgx98Co0TLlsR7bXPJ5uPdcwz3AG/ngWzxy9O1KabyHFMXwfopK18bAy
S+eEhufWEkt7jEodXWsiG/53mDmaFiSGp9c87Y60Po1TaXp8idGQNE7cQ1Wi4QE/
Fj+lJUmXUU5svgfGJ30m
=Xr6W
-----END PGP SIGNATURE-----
What about /etc/sysconfig/scripts/SuSEfirewall2-custom ?