For Iptables configuration file

Dear UNIX Masters

I would like to inform to you.I cannot configure
/etc/sysconfig/iptables file for NAT .I not want to use scripts file i
want to use only configuration file.I already using platform is Linux
Redhat 9.I really want to know this solving.Please kindly help me.

Best Regards;

Rajar

The best way to use that configuration file is to type in your rules,
make sure they work, then run iptables-save to the config file, e.g.:

iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
....
....
....
iptables-save > /etc/sysconfig/iptables

The iptables-save command generates the rules for the config file.

X

X wrote:
> The best way to use that configuration file is to type in your rules,
> make sure they work, then run iptables-save to the config file, e.g.:
>
> iptables -P INPUT DROP
> iptables -P OUTPUT ACCEPT
> ...
> ...
> ...
> iptables-save > /etc/sysconfig/iptables
>
> The iptables-save command generates the rules for the config file.
>
> X

Master X please give me complete configuration file

Thankz
Rajar

A config file looks something like the following:

# Generated by iptables-save v1.3.5 on Fri Mar 24 14:55:12 2006
*nat
:PREROUTING ACCEPT [88564:7113421]
:POSTROUTING ACCEPT [2:120]
:OUTPUT ACCEPT [770:58462]
-A POSTROUTING -o eth1 -j SNAT --to-source 72.242.168.10
-A POSTROUTING -o eth0 -j SNAT --to-source 192.168.0.20
COMMIT
# Completed on Fri Mar 24 14:55:12 2006
# Generated by iptables-save v1.3.5 on Fri Mar 24 14:55:12 2006
*filter
:INPUT DROP [20493:2156974]
:FORWARD ACCEPT [2048290:1233736525]
:OUTPUT ACCEPT [1523:1024626]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i ! eth1 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j
ACCEPT
COMMIT
# Completed on Fri Mar 24 14:55:12 2006

X

P.S. I got rid of the RH-specific chains.