iptables-save und restore
Harald Welte
laforge@gnumonks.org
Tue, 26 Jun 2001 16:06:41 -0300
On Tue, Jun 26, 2001 at 07:29:33PM +0200, Karl Fischer wrote:
> > what kind of numbers do you think they are? what two numbers does every
> > rule have? counters.
>
> Ok - I assumed those numbers to be counters, but what is the sense behind
> that? - I mean, if iptables-save and -restore is used to have firewall-rules
> saved for bootup-restore, what's the point in saving counters?
for accounting purpose? "iptables-restore -c" restores all rules including
their counters. So after a system reboot, you don't start from 0.
> Is that meant to be used at each and every reboot?
depends on your local policy. generally I wouldn't rely on it. What happens
if your machine crashes? (ok, you could do an iptables-save every 5 minutes
or so).
--
Live long and prosper
- Harald Welte / laforge@gnumonks.org http://www.gnumonks.org/
============================================================================
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M-
V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*)