How do I get started?# A: (Did I mention "do not use it" already? Oh well.)# 1. Setup your normal iptables rules -- firewalling, port forwarding# NAT, etc. When everything is configured the way you like, run:## /etc/init.d/iptables save active## 2. Setup your your inactive firewall rules -- this can be something# like clear all rules and set all policy defaults to accept (which# can be done with /etc/init.d/iptables clear). When that is ready,# save the inactive ruleset:## /etc/init.d/iptables save inactive## 3. Controlling the script itself is done through runlevels configured# with debconf for package installation. Run "dpkg-reconfigure iptables"# to enable or disable after installation.## Q: Is that all?# A: Mostly. You can save additional rulesets and restore them by name. As# an example:## /etc/init.d/iptables save midnight# /etc/init.d/iptables load midnight### Autosave only works with start followed by stop.## Also, take great care with the halt option. It's almost as good as# pulling the network cable, except it disrupts localhost too.## Also, create the /var/lib/iptables and /var/lib/ip6tables dirs# as necessary.
