dashang n00b

Joined: 22 Jul 2011 Posts: 40
Posted: Mon Apr 23, 2012 10:43 am Post subject: iptables-restore --noflush is not working
The default behavior of iptables-restore is to flush all tables and then apply all chains, but iptables-restore has one option, --noflush:
| Quote: |
iptables-restore --help
Usage: iptables-restore [-b] [-c] [-v] [-t] [-h]
[ --binary ]
[ --counters ]
[ --verbose ]
[ --test ]
[ --help ]
[ --noflush ]
[ --table=<TABLE> ]
[ --modprobe=<command>]
|
This means the old rules are not deleted.
So I have created two files, a.txt and b.txt.
vi a.txt
| Quote: |
*mangle
:acctup - [0:0]
:acctdn - [0:0]
-I acctup -s 10.104.1.122 -d 0/0 -j MARK --set-mark 1
-I acctdn -d 10.104.1.122 -s 0/0 -j MARK --set-mark 1
COMMIT
*nat
-A POSTROUTING -s 10.104.1.122 -d 0/0 -j MASQUERADE
COMMIT
|
vi b.txt
| Quote: |
*mangle
:acctup - [0:0]
:acctdn - [0:0]
-I acctup -s 10.104.1.121 -d 0/0 -j MARK --set-mark 1
-I acctdn -d 10.104.1.121 -s 0/0 -j MARK --set-mark 1
COMMIT
*nat
-A POSTROUTING -s 10.104.1.121 -d 0/0 -j MASQUERADE
COMMIT
|
Now I run this file with the --noflush option, but it still deletes all the rules.
| Quote: |
iptables-restore --noflush < a.txt
iptables -t mangle -L acctup -nvx
Chain acctup (0 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 10.104.1.122 0.0.0.0/0 MARK xset 0x1/0xffffffff
iptables-restore --noflush < b.txt
iptables -t mangle -L acctup -nvx
Chain acctup (0 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 10.104.1.121 0.0.0.0/0 MARK xset 0x1/0xffffffff
root@bhushan:/home/bhushan#
|
So after running b.txt, iptables-restore --noflush deletes all chains... My IP changes every time, so it's dynamic...
PLEASE TELL ME THE SOLUTION... how to work with the iptables-restore --noflush option.
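The output above is consistent with how iptables-restore treats chain declarations: even with --noflush, a `:chain - [0:0]` line for a user-defined chain that already exists empties that chain before the new rules are applied. The following is an added example, not part of the original post, that filters such declarations out of a ruleset; the function names and the list of existing chains are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage: strip_existing_decls "table:chain ..." < ruleset
# Drops ":chain - [..]" declarations of user-defined chains that already
# exist, so a --noflush restore adds rules instead of emptying those chains.
strip_existing_decls() {
    existing=" $1 "          # hypothetical input: chains already loaded
    table=""
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            \**) table=${line#\*} ;;            # "*mangle" opens a table
            :*)
                rest=${line#:}
                chain=${rest%% *}               # name before the first space
                rest=${rest#* }
                policy=${rest%% *}              # "-" means user-defined
                if [ "$policy" = "-" ]; then
                    case "$existing" in
                        *" $table:$chain "*) continue ;;
                    esac
                fi ;;
        esac
        printf '%s\n' "$line"
    done
}

# The second ruleset from the post, embedded so the example runs offline.
sample_b() {
    cat <<'EOF'
*mangle
:acctup - [0:0]
:acctdn - [0:0]
-I acctup -s 10.104.1.121 -d 0/0 -j MARK --set-mark 1
-I acctdn -d 10.104.1.121 -s 0/0 -j MARK --set-mark 1
COMMIT
*nat
-A POSTROUTING -s 10.104.1.121 -d 0/0 -j MASQUERADE
COMMIT
EOF
}

# Assumption: acctup and acctdn already exist because a.txt was loaded first.
sample_b | strip_existing_decls "mangle:acctup mangle:acctdn"
```

On a live host the filtered output would be piped into `iptables-restore --noflush`, with the list of existing chains taken from `iptables-save` output.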