[Firewall] Restart for firewall rules only

Lonnie Abelbeck lists at lonnie.abelbeck.com
Mon Nov 1 15:15:27 CET 2010


Hai Shalom,

Hmmm, I'm not seeing the "NAT Table update all sessions flushed" messages, and my sessions are maintained on a 'restart'.

Possibly send more details of your system (kernel version, iptables version, distro, etc.).

Do you have any "custom-rules" defined?

Lonnie


On Nov 1, 2010, at 8:53 AM, Shalom, Hai wrote:

> Lonnie,
> 
> I am using 1.9.2m, and I see the following messages when I restart:
> 
> Reinitializing firewall chains
> NAT Table update all sessions flushed
> NAT Table update all sessions flushed
> NAT Table update all sessions flushed
> NAT Table update all sessions flushed
> NAT Table update all sessions flushed 
> 
> 
> Regards,
> Hai Shalom.
> 
> 
> -----Original Message-----
> From: firewall-bounces at rocky.eld.leidenuniv.nl [mailto:firewall-bounces at rocky.eld.leidenuniv.nl] On Behalf Of Lonnie Abelbeck
> Sent: Monday, November 01, 2010 3:49 PM
> To: Arno's IPTABLES firewall script
> Subject: Re: [Firewall] Restart for firewall rules only
> 
> 
> On Nov 1, 2010, at 6:20 AM, Shalom, Hai wrote:
> 
>> Hello,
>> 
>> I use the Arno script in my system to configure NAT and firewall rules.
>> When I want to add a new firewall rule, I need to run the firewall script with the restart parameter.
>> However, in this case, it flushes all NAT sessions.. :-(
>> 
>> Is it possible to restart it without flushing the NAT sessions?
> 
> What version of AIF are you using?
> 
> $ arno-iptables-firewall restart
> 
> should maintain all pre-existing conntrack sessions.
> 
> Lonnie
> 
> 
>> 
>> Thanks!
>> _______________________________________________
>> Firewall mailing list
>> Firewall at rocky.eld.leidenuniv.nl
>> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>> Arno's (Linux IPTABLES Firewall) Homepage:
>> http://rocky.eld.leidenuniv.nl
> 


