Rules created with the iptables command are stored in RAM only. If you restart your system after setting up iptables rules, they will be lost. So in order for netfilter rules to persist through system reboot, you need to save them to the /etc/sysconfig/iptables file.
To do this, type the /sbin/service iptables save command as the root user.
While it is always a good idea to test a new iptables rule before committing it to the /etc/sysconfig/iptables file, it is possible to copy iptables rules into this file from another system’s version of this file. This allows you to quickly distribute sets of iptables rules to many different machines.
Note: If you distribute the /etc/sysconfig/iptables file to other machines, you must type /sbin/service iptables restart for the new rules to take effect.
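A file copied between machines can arrive truncated or hand-edited, and a file that iptables-restore cannot parse leaves that host without the intended rules after the restart. The following POSIX shell check is an added example, not part of the guide or of any Red Hat tooling; it assumes the file is in the format /sbin/service iptables save writes (iptables-save format) and only verifies structure, not the meaning of the rules.

```shell
#!/bin/sh
# Added example, not from the Red Hat guide: sanity-check a saved
# /etc/sysconfig/iptables (iptables-save format) before copying it to other
# hosts and running "service iptables restart" there. Returns 0 if the file
# looks loadable, 1 otherwise; problems found are printed to stdout.
check_rules_file() {
    awk '
    BEGIN { ok = 1; table = ""
            split("INPUT OUTPUT FORWARD PREROUTING POSTROUTING", b, " ")
            for (i in b) builtin[b[i]] = 1 }         # chains that always exist
    /^#/ || /^[ \t]*$/ { next }                      # comments and blank lines
    /^\*/ { if (table != "") { print "missing COMMIT for " table; ok = 0 }
            table = $0; split("", chains); next }    # "*filter" opens a table
    /^:/  { if (table == "") { print "chain outside table: " $0; ok = 0 }
            chains[substr($1, 2)] = 1; next }        # ":NAME POLICY [pkts:bytes]"
    /^COMMIT$/ { if (table == "") { print "COMMIT without table"; ok = 0 }
                 table = ""; next }
    /^-[AI] / { if (table == "") { print "rule outside table: " $0; ok = 0 }
                else if (!($2 in chains) && !($2 in builtin)) {
                    print "undeclared chain " $2 " in " table; ok = 0 }
                next }
    { print "unrecognised line: " $0; ok = 0 }
    END { if (table != "") { print "missing COMMIT for " table; ok = 0 }
          exit (ok ? 0 : 1) }
    ' "$1"
}

# Constructed sample files of the kind "service iptables save" produces.
good_sample() {
    f=$(mktemp) && cat > "$f" <<'EOF' && echo "$f"
# Generated by iptables-save (constructed sample)
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:SSH-ACCESS - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j SSH-ACCESS
-A SSH-ACCESS -s 192.0.2.0/24 -j ACCEPT
-A SSH-ACCESS -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}
bad_sample() {   # copy cut off in transit, plus a rule on an undeclared chain
    f=$(mktemp) && cat > "$f" <<'EOF' && echo "$f"
*filter
:INPUT ACCEPT [0:0]
-A TRUSTED -j ACCEPT
EOF
}

[ "${1:-}" = "--demo" ] && { check_rules_file "$(good_sample)"; check_rules_file "$(bad_sample)"; }
```

Run the script with --demo to see the good file pass and the truncated one rejected; on systems whose iptables-restore supports the --test option, that is the authoritative check to run before the restart.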
See the sources below for additional information on packet filtering with iptables.
The iptables man page contains a comprehensive description of various commands, parameters, and other options.
http://netfilter.samba.org — Contains assorted information about iptables, including a FAQ addressing specific problems you may experience and various helpful guides by Rusty Russell, the Linux IP firewall maintainer. The HOWTO documents here cover subjects such as basic networking concepts, 2.4 kernel packet filtering, and NAT configurations.
http://www.linuxnewbie.org/nhf/Security/IPtables_Basics.html — A basic and general look at the way packets move through the Linux kernel, plus an introduction to constructing simple iptables commands.
http://www.redhat.com/support/resources/networking/firewall.html — This Web page contains up-to-date links to a variety of packet filter resources.
Red Hat Linux Firewalls by Bill McCarty (Red Hat Press/Wiley, 2003)
Kerberos is a network authentication protocol created by the Massachusetts Institute of Technology that uses secret-key cryptography — obviating the need to send passwords over the network. By authenticating using Kerberos, unauthorized users trying to intercept passwords on the network are effectively thwarted.
Most conventional network systems use password-based authentication schemes. A user who authenticates to a network server must supply a