Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS (http://www.linux-archive.org/centos/)
-   -   Adding comments to /etc/sysconfig/iptables (http://www.linux-archive.org/centos/517779-adding-comments-etc-sysconfig-iptables.html)

Alexander Farber 04-24-2011 08:26 AM

Adding comments to /etc/sysconfig/iptables
 
Ouch you're correct. I only tried end-of-line comments, sorry

On Sun, Apr 24, 2011 at 9:30 AM, Nicolas Thierry-Mieg
<Nicolas.Thierry-Mieg@imag.fr> wrote:
> Alexander Farber wrote:
>> Is there a way to add comments to the iptables file?
>> A hash mark # does not seem to work.
>
> assuming you are talking about /etc/sysconfig/iptables , hash is indeed
> the comment mark, and works fine.
> In my file on this system all comment lines have a hash as first
> character on the line though, so perhaps it doesn't like end-of-line
> comments but only accepts full lines of comment.
>
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Kai Schaetzl 04-24-2011 12:31 PM

Adding comments to /etc/sysconfig/iptables
 
Alexander Farber wrote on Sun, 24 Apr 2011 09:04:30 +0200:

> i.e. there is "sudo service iptables save",
> but I've yet to discover its usefulness

You can add rules on the fly and save them. For instance, I have a certain
"starter script" with iptables rules and other filtering stuff grown over
the years. I adapt that, put it on new machines and run it once. Then I
save that and only add rules to it from the command line. If I know I want
to keep them I save them, otherwise I don't and they will finally go away
with the next reboot (e.g. abused mailservers or spambots usually last
only for a few days). If there are rules, that I want to keep for longer
and/or distribute to other machines I put them in the starter script.

Kai


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Kenneth Porter 04-25-2011 10:04 PM

Adding comments to /etc/sysconfig/iptables
 
On Sunday, April 24, 2011 9:04 AM +0200 Alexander Farber
<alexander.farber@gmail.com> wrote:

> If comments not possible, please share few tricks -
> how do YOU usually use iptables on CentOS,
> i.e. there is "sudo service iptables save",
> but I've yet to discover its usefulness

I keep related rules in a named sub-chain. For example, I have a sub-chain
just for black-listing spammers.


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Tue Apr 26 00:30:01 2011
Return-path: <ubuntu-motu-bounces@lists.ubuntu.com>
Envelope-to: tom@linux-archive.org
Delivery-date: Mon, 25 Apr 2011 23:47:57 +0300
Received: from chlorine.canonical.com ([91.189.94.204]:39048)
by s2.java-tips.org with esmtp (Exim 4.69)
(envelope-from <ubuntu-motu-bounces@lists.ubuntu.com>)
id 1QEShI-0008KZ-SX
for tom@linux-archive.org; Mon, 25 Apr 2011 23:47:56 +0300
Received: from localhost ([127.0.0.1] helo=chlorine.canonical.com)
by chlorine.canonical.com with esmtp (Exim 4.71)
(envelope-from <ubuntu-motu-bounces@lists.ubuntu.com>)
id 1QETuZ-0004g2-FD; Mon, 25 Apr 2011 22:05:43 +0000
Received: from smtp17.mail.ru ([94.100.176.154])
by chlorine.canonical.com with esmtp (Exim 4.71)
(envelope-from <Michael1972@mail.ru>) id 1QETW7-0002jJ-3j
for ubuntu-motu@lists.ubuntu.com; Mon, 25 Apr 2011 21:40:27 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mail.ru;
s=mail;
h=Message-ID:From:Content-Transfer-Encoding:MIME-Version:Subject:Date:To:Content-Type;
bh=5I4zxIIQ7uYuoFkyQB/Y/AQ8VhO0+31+6rVz2XXPra0=;
b=r3r6zONfziBA6JOFDcOFTGpzOEfn2DuJEIvqHX7nkTreoZ0m Y2YlxRg2P3x8iXKXhLNjhbYzVaiaYGpNDuORhEv5T/zNwT36+SvYRcr9/7JUcvwRPpoJDbRLqNU8u/qw;
Received: from [95.58.157.226] (port=47469 helo=michael-desktop)
by smtp17.mail.ru with asmtp id 1QETW5-0003lF-00
for ubuntu-motu@lists.ubuntu.com; Tue, 26 Apr 2011 01:40:26 +0400
To: ubuntu-motu@lists.ubuntu.com
Date: Tue, 26 Apr 2011 03:41:54 +0600
Subject: Converting dictionaries to DICT Format
MIME-Version: 1.0
From: =?utf-8?B?0JLQu9Cw0YHQtdC90LrQviDQnNC40YXQsNC40Lsg0JLQuN C60YLQvtGA0L4=?=
=?utf-8?B?0LLQuNGH?= <Michael1972@mail.ru>
Message-ID: <op.vuijv4lh6u3wdp@michael-desktop>
User-Agent: Opera Mail/11.10 (Linux)
X-Spam: Not detected
X-Mras: Ok
X-Mailman-Approved-At: Mon, 25 Apr 2011 22:05:42 +0000
X-BeenThere: ubuntu-motu@lists.ubuntu.com
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: mailing list of the Masters Of The Universe
<ubuntu-motu.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/ubuntu-motu>,
<mailto:ubuntu-motu-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/ubuntu-motu>
List-Post: <mailto:ubuntu-motu@lists.ubuntu.com>
List-Help: <mailto:ubuntu-motu-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu>,
<mailto:ubuntu-motu-request@lists.ubuntu.com?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes"
Sender: ubuntu-motu-bounces@lists.ubuntu.com
Errors-To: ubuntu-motu-bounces@lists.ubuntu.com

I converted some dictionaries to the DICT format. Now I want to place them
to the repository of Ubuntu that they can be available to users? For
example, when I enter the command
$ aptitude search ~ndict-freedict
I see a large list of DICT dictionaries. Can I somehow put the
dictionaries so that they similarly freedict dictionaries was available
through the repository?

--
Ubuntu-motu mailing list
Ubuntu-motu@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu

"Geoff Galitz" 04-26-2011 05:20 AM

Adding comments to /etc/sysconfig/iptables
 
>> assuming you are talking about /etc/sysconfig/iptables , hash is indeed
>> the comment mark, and works fine.
>> In my file on this system all comment lines have a hash as first
>> character on the line though, so perhaps it doesn't like end-of-line
>> comments but only accepts full lines of comment.
>>

FYI, using iptable comments commands are even more useful as they are
displayed whenever you actually list the rules (e.g. via "service iptables
status). For example:

-A INPUT -s 10.0.0.2 -m comment --comment "I am an example comment" -j DROP




_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


All times are GMT. The time now is 10:49 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.