I ended up maintaining some SME servers, so I am trying to understand the logic - but I am having a bit of trouble.
For example, I need to add some simple firewall rules, and to make sure they are always present, so no signal-events would recreate/remove rules and remove a rule I've added manually.
Basically, I'd need things like this:
iptables -I FORWARD -s 1.1.0.0/16 -j ACCEPT
iptables -I OUTPUT -m udp -p udp --dport 10000 -j ACCEPT
How can I do this, with 100% guarantee that no events will remove these rules, or move them 'downwards'?
I mean, I could add them to /etc/rc.local, and have them setup from there, but I am not sure if that is the correct way on SME (and RH/CentOS way of using "/etc/sysconfig/iptables" does not seem to be used/supported).
Thanks.
1 Replies
685 Views