getting started with iptables

Hi, I understand the basics of the iptables command but I am having
trouble grasping how the various "scripts" go together. I have a
CentOS (Red Hat) box set up and there is an init script
/etc/init.d/iptables. There is also a support script
/etc/sysconfig/iptables-config. I understand also that 'service
iptables save' creates a ruleset file of my current ruleset inside
/etc/sysconfig/iptables. My question is therefore "Where do I place my
main (and documented) ruleset file?". Where can I get a sample/starter
ruleset file? Are there more scripts/files I should be aware of?

Peter

On 2006-07-24, Peter <(E-Mail Removed)> wrote:
[...]
> /etc/sysconfig/iptables. My question is therefore "Where do I place my
> main (and documented) ruleset file?". Where can I get a sample/starter
> ruleset file? Are there more scripts/files I should be aware of?

Read your iptables init script again. This is the important part:

#!/bin/sh
#
# iptables Start iptables firewall
#
# chkconfig: 2345 08 92
# description: Starts, stops and saves iptables firewall
#
# config: /etc/sysconfig/iptables
# config: /etc/sysconfig/iptables-config

# Source function library.
.. /etc/init.d/functions

IPTABLES=iptables
IPTABLES_DATA=/etc/sysconfig/$IPTABLES
IPTABLES_CONFIG=/etc/sysconfig/${IPTABLES}-config
IPV=${IPTABLES%tables} # ip for ipv4 | ip6 for ipv6
PROC_IPTABLES_NAMES=/proc/net/${IPV}_tables_names
VAR_SUBSYS_IPTABLES=/var/lock/subsys/$IPTABLES

Greetings,
Thorsten