[ale] Easy way to add and delete iptables rules

Chris Fowler cfowler at outpostsentinel.com
Fri Aug 26 09:56:29 EDT 2016


> From: "Lightner, Jeffrey" <JLightner at dsservices.com>
> To: "Atlanta Linux Enthusiasts" <ale at ale.org>
> Sent: Friday, August 26, 2016 8:58:02 AM
> Subject: Re: [ale] Easy way to add and delete iptables rules

> Also the iptables-restore suggests you're editing your iptables file then using
> the restore to update memory.
I only do this at boot. 
fail2ban and miniupnpd have active rules when the firewall is running. 

> Instead you can use "iptables -I" to insert rules in your iptables in memory
> then use iptables-save to save to the file so you get the new rules on next
> restore.
This would be a problem because that would restore nat rules at boot created by UPnP that are no longer valid. Maybe miniupnpd would see it and delete it. Not sure. 

> You can use "iptables -nL --line-numbers" to see existing rules and the lines
> they're on then specify the line number you wish to insert into with the -I
> flag.
Yes, that I can do. List them, grok them, build a command, and execute it. 

My hope was that I can simply create a table for each kid and just add and delete with ease. If I need to list line numbers, parse it out, and do it that way I can do that too. I hesitate because I'm not sure that way is the "best practice".
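An added example, not from the thread, of the per-kid approach Chris is after: one user-defined chain per kid, hooked from FORWARD, so rules are added and deleted by chain name and rule spec rather than by line number. The function names, the `kid_` prefix and the addresses are assumptions; with `DRY_RUN` set the script only prints the commands.

```shell
#!/bin/sh
# One user-defined chain per kid, hooked from FORWARD. Rules are then added
# and removed by chain name plus rule spec, never by line number.
# Names, the kid_ prefix and the addresses are assumptions for this example.

# Wrapper so the script can be dry-run without root: with DRY_RUN set it
# prints each command instead of executing it, and treats -C (does the rule
# exist?) as "no" so the insert that normally follows a -C is shown as well.
ipt() {
    if [ -n "${DRY_RUN:-}" ]; then
        if [ "$1" = "-C" ]; then return 1; fi
        echo "iptables $*"
        return 0
    fi
    iptables "$@"
}

# Create the kid's chain and the FORWARD jump into it. The -C check makes
# this idempotent, so running it again at boot (after iptables-restore)
# does not add a second jump.
kid_chain_ensure() {   # $1 = kid name, $2 = kid's device source address
    ipt -N "kid_$1" 2>/dev/null || true
    ipt -C FORWARD -s "$2" -j "kid_$1" 2>/dev/null \
        || ipt -I FORWARD 1 -s "$2" -j "kid_$1"
}

# Block one destination for one kid: touches only that kid's chain.
kid_block() {          # $1 = kid name, $2 = destination host or network
    ipt -A "kid_$1" -d "$2" -j REJECT
}

# Undo the block: -D accepts the same rule spec, so no "-nL --line-numbers"
# parsing is needed to locate the rule.
kid_unblock() {        # $1 = kid name, $2 = destination host or network
    ipt -D "kid_$1" -d "$2" -j REJECT
}

# Remove everything for one kid: unhook the jump, flush, then delete the chain.
kid_chain_remove() {   # $1 = kid name, $2 = kid's device source address
    ipt -D FORWARD -s "$2" -j "kid_$1"
    ipt -F "kid_$1"
    ipt -X "kid_$1"
}
```

Source the file and call e.g. `kid_chain_ensure alice 192.168.1.50` then `kid_block alice 203.0.113.0/24` (constructed addresses); because only the static kid chains need persisting, they can be written into the file fed to iptables-restore at boot while the chains fail2ban and miniupnpd manage at runtime are left out.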