iptables Fedora 16

[squogmaster]

Hi,

Am attempting to configure SSH on port 22 on Fedora 16.

2 things:

Have enabled port 22 in iptables:

-A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT

Now I can connect to port 22 but I had to reboot the PC for this to work - Can I not just restart or update iptables to enable this or do I have to restart every tine I make a change in iptables?

I tried 'systemctl restart iptable.service' BUT iptables is not a service (or is it??).

Also, I set 'root permissions' to NO in the sshd.config but can still login through ssh as root??

Stop and restarted the ssh.service but can stil login as root from remote PC??

any ideas?

Cheers,....

[marriedto51]

If you edit the filtering rules with the command iptables then changes you make take effect immediately for the running system. But: they will be lost when you re-boot. To make the changes permanent, you need to save the current state with

Code:

iptables-save > /etc/sysconfig/iptables

It is probably a good idea to back up the old /etc/sysconfig/iptables first in case (like I would) you've made a mistake somewhere.

If you want to re-apply the saved rules you can use

Code:

systemctl restart iptables.service

Note also that all this only applies to IPv4 -- if you are using IPv6 you will need to replace iptables with ip6tables throughout.

[RHamel]

The order of the iptables commands matter. The -A switch means appends.

[ukkreddy]

Hi,

when we reboot Linux PC, we lost iptables rules.
if you want automaticlly add your rules, you can save rule in iptables-save file.
if you want to drop any type of packet "iptables -P INPUT DROP", then we can allow what you need.

and rule will check in order.