Question about new chains

Daniel F. Advanced UNIX Hosting Admin - danielf@supportteam.net
Thu, 11 Oct 2001 09:34:09 -0500


I have a question about making a new chain or, better yet, a how-to question. 

The way I understand it, each packet is compared to every rule you have from 
top to bottom in whatever chain it is in unless it matches a drop or accept, 
then it is forwarded or whatever. 

Well, here is my issue. I need to be able to add rules on the fly without 
reloading all the firewall rules every time. Because the very last chain in 
my script is a forward all. Due to the nature of our business I have to run 
an accept all then deny the bad stuff versus a deny all and only open used 
ports. 

Basically I have 

DENY 
DENY 
DENY 
DENY 
DENY 
ACCEPT ALL

I need to be able to add rules on the fly right above the accept all. 

I thought I saw mention somewhere of adding in rules anywhere in that 
sequence using a rule number or something like that. 

TIA 




-- 
Advanced Hosting UNIX Admin | Daniel Fairchild danielf@supportteam.net 

Unix is like a wigwam -- no Gates, no Windows, and an Apache inside.
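
Added example, not part of the original message: a sketch of the rule-number insert the question asks about, which finds the trailing accept-all in a chain listing and builds the insert that lands directly above it. It assumes iptables and the FORWARD chain, neither of which the post names; the listing, the addresses and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: locate the catch-all ACCEPT and build an insert just above it.
# Assumes iptables and the FORWARD chain; neither is named in the post.

# Constructed sample of `iptables -L FORWARD -n --line-numbers` output.
sample_listing() {
cat <<'EOF'
Chain FORWARD (policy DROP)
num  target     prot opt source               destination
1    DROP       all  --  192.0.2.10           0.0.0.0/0
2    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:135
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
EOF
}

# Read a listing on stdin; print the number of the final rule only if it is an
# unconditional ACCEPT (any protocol, any source, any destination, no extra
# match text). Exits non-zero otherwise, so a caller never inserts blindly.
accept_all_pos() {
    awk '$1 ~ /^[0-9]+$/ {
             num = $1
             catchall = ($2 == "ACCEPT" && $3 == "all" && NF == 6 &&
                         $5 == "0.0.0.0/0" && $6 == "0.0.0.0/0")
         }
         END { if (catchall) print num; else exit 1 }'
}

# Build (not run) the command that places a DROP for source $2 directly above
# the catch-all in chain $1. `-I chain N` makes the new rule number N and
# shifts the old rule N, here the ACCEPT, down by one.
insert_above_accept() {
    chain=$1
    src=$2
    pos=$(accept_all_pos) || {
        echo "no trailing ACCEPT all found in $chain" >&2
        return 1
    }
    echo "iptables -I $chain $pos -s $src -j DROP"
}

# Live use (root required):
#   iptables -L FORWARD -n --line-numbers | insert_above_accept FORWARD 198.51.100.7
sample_listing | insert_above_accept FORWARD 198.51.100.7
```

A listing taken without `-v` does not show interface matches, so confirm the last rule really is unconditional before relying on the computed position.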