Recipe 2.18 Inserting Firewall Rules

Previous page
Table of content
Next page

2.18.1 Problem

Rather than appending a rule to a chain, you want to insert or replace one elsewhere in the chain.

2.18.2 Solution

Instead of the -A option, use -I to insert or -R to replace. You'll need to know the numeric position, within the existing rules, of the new rule. For instance, to insert a new rule in the fourth position in the chain:

# iptables -I chain 4 ...specification... # ipchains -I chain 4 ...specification...

To replace the second rule in a chain:

# iptables -R chain 2 ...specification... # ipchains -R chain 2 ...specification...

2.18.3 Discussion

When you insert a rule at position N in a chain, the old rule N becomes rule N+1, rule N+1 becomes rule N+2, and so on. To see the rules in a chain in order, so you can determine the right numeric offset, list the chain with -L. [Recipe 2.16]

2.18.4 See Also

iptables(8), ipchains(8).

Previous page
Table of content
Next page
Linux Security Cookbook
Linux Security Cookbook
ISBN: 0596003919
EAN: 2147483647
Year: 2006
Pages: 247
Authors: Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
BUY ON AMAZON
MySQL Stored Procedure Programming
A Practitioners Guide to Software Test Design
C & Data Structures (Charles River Media Computer Engineering)
AutoCAD 2005 and AutoCAD LT 2005. No Experience Required
Extending and Embedding PHP
Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy