
Thread: IPTables Testing Safety Net

  1. #1
    StephenAtSpry
    Guest

    Post IPTables Testing Safety Net

    If you're trying to tweak your firewall rules just right, here's a tip: create a file with the line:

    Code:
    0-59/10 * * * * /sbin/service iptables stop > /dev/null
    and then run
    Code:
    crontab thefile
    which will load it into the crontab. To remove the entry, overwrite the file with nothing:

    Code:
    > thefile
    and run

    Code:
    crontab thefile
    This just gives you a bit of a safety net so that even if you lock yourself out of your server, it won't be for longer than 10 minutes.

  2. #2
    Lyle@Spry
    Forum Administrator, Power Poster
    Join Date: May 2005
    Posts: 455

    An additional note to this... "iptables -F" will not reset your policy from DROP to ACCEPT. So if you are of the mindset, "block everything, allow only selected" and implement this by modifying the default policy from ACCEPT to DROP, don't expect "iptables -F" in a cron job to help you.

    Do like Stephen says, use "service iptables stop".
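
Added example (not part of either post): a shell check built on the point in reply #2, reading `iptables -S` or `iptables-save` output and reporting which filter chains keep a DROP policy after `iptables -F`. The function names and sample rulesets are constructed for illustration.

```sh
#!/bin/sh
# Added example; function names and sample rulesets are constructed.

# Print filter-table chains whose default policy is DROP. "iptables -F"
# deletes rules but leaves these policies, so these chains still drop.
chains_locked_after_flush() {
    awk '
        /^\*/ { table = substr($0, 2) }              # iptables-save table marker
        $1 == "-P" && $3 == "DROP" { print $2 }      # iptables -S: -P INPUT DROP
        /^:/ && table == "filter" && $2 == "DROP" {  # save form: :INPUT DROP [0:0]
            print substr($1, 2)
        }
    '
}

# Exit 0 if a flush alone would reopen the host, i.e. neither INPUT nor
# OUTPUT keeps a DROP policy; exit 1 otherwise.
flush_restores_access() {
    ! chains_locked_after_flush | grep -Eqx 'INPUT|OUTPUT'
}

# Constructed sample, "iptables -S" form: default-deny policy.
SAMPLE_S_DROP='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

# Constructed sample, "iptables-save" form: ACCEPT policy, final DROP rule.
SAMPLE_SAVE_ACCEPT='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
COMMIT'

# Typical use on a live host (needs root):
#   iptables -S | flush_restores_access || echo "flush alone will not help"
```

If the check fails for the ruleset you are about to load, a cron entry that only flushes rules is not a usable safety net.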
