Today I went to the official Red Hat forum and learned a firewall tip from Jamie Bainbridge.
If you need to change the firewall configuration of a server and don’t want to lock yourself out of this server, you can type the following command:
# echo "service iptables restart" | at now + 5 minutes
This way, whatever iptables command you type, the configuration will be reset after the specified delay: restarting the service reloads the saved rule set and discards the changes you made at the command line. You can also view the pending job with atq and remove it with atrm.
Finally, when debugging your firewall configuration, don’t forget to use the -j LOG target to see if/when traffic hits a certain point in the rules. This can be very useful.
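The whole procedure as a small set of shell functions. This is an added example, not code from the original post or the forum thread; the function names, port 8080 and the "fw-debug: " prefix are made up for illustration, and `service iptables save` (the RHEL6 command that writes the running rules to the saved configuration) is not mentioned in the post.

```shell
#!/bin/sh
# Added example (not from the original post). Run as root on the RHEL6 host.

# Queue "service iptables restart" N minutes from now and print the at job
# number. at(1) reports "job N at <date>" on stderr, hence the 2>&1.
schedule_rollback() {
    minutes=${1:-5}
    out=$(echo "service iptables restart" | at now + "$minutes" minutes 2>&1) || return 1
    echo "$out" | sed -n 's/^job \([0-9][0-9]*\) at .*/\1/p'
}

# Insert a temporary LOG rule at the top of a chain.
# Usage: add_log_rule CHAIN PREFIX [match options...]
add_log_rule() {
    chain=$1; prefix=$2; shift 2
    iptables -I "$chain" 1 "$@" -j LOG --log-prefix "$prefix"
}

# Keep the new rules: cancel the pending rollback, then write the running
# rules to the saved configuration. Refuses if the job is no longer queued,
# since the restart may already have reloaded the old rules.
commit_rules() {
    job=$1
    if ! atq | grep -q "^${job}[[:space:]]"; then
        echo "rollback job $job is not queued; nothing saved" >&2
        return 1
    fi
    atrm "$job" && service iptables save
}

# Typical session (port and prefix are constructed sample values):
#   job=$(schedule_rollback 5)
#   add_log_rule INPUT "fw-debug: " -p tcp --dport 8080
#   iptables -I INPUT 2 -p tcp --dport 8080 -j ACCEPT
#   ...open a second SSH session to confirm access still works...
#   commit_rules "$job"
```

Save only after confirming access from a second session: the scheduled restart reloads whatever is saved, so saving first would make the rollback restore the new rules. The at job only fires if the atd service is running.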