The script runs without a problem, but even after restarting the iptables service I still see accesses from IP addresses that I can confirm are in the pool of IPs that the script calls and is supposed to add to iptables.
On top of that, /etc/sysconfig/iptables is not altered at all.
Msg#: 4455814 posted 7:09 am on May 21, 2012 (gmt 0)
The active list of iptables rules can be requested with "iptables -L -n -v". It could be that the active list is changed but not the stored list in /etc/sysconfig/iptables. The latter is saved manually with the iptables-save command, or during system shutdown if that has been configured in the iptables config.
One common mistake is that such an installation script is not started under user root. Only user root has enough privileges to change the iptables configuration.
One final warning: these scripts from external sources may intentionally or unintentionally change your firewall configuration in such a way that your system either becomes inaccessible or creates a hole for malicious visitors. Use them with care and always be sure that you fully understand how they work before running them. Also, having a backdoor for yourself in case the firewall locks up (for example through a remote console connection offered by your ISP) may save you a lot of work and frustration in case the system locks down.
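An added example, not part of the original posts: one way to check the active-versus-stored difference described in the reply above is to compare a dump of the running rules with the stored file. The function names and the sample rules (documentation addresses) are constructed for illustration; on a live system the running dump would come from `iptables-save`, run as root, which prints the active rules to standard output.

```sh
#!/bin/sh
# Compare the running ruleset with the stored file.
# On a live system (as root):  iptables-save > /tmp/running.rules
#                              unsaved_rules /tmp/running.rules /etc/sysconfig/iptables

# Print every rule as "table: -A CHAIN ...", ignoring comments, chain
# policies and packet counters, so two dumps can be compared line by line.
table_rules() {
    sed -E 's/^\[[0-9]+:[0-9]+\] //' "$1" |
        awk '/^\*/ { t = substr($0, 2) } /^-A / { print t ": " $0 }'
}

# Rules present in the running dump ($1) but missing from the stored file ($2).
unsaved_rules() {
    saved_tmp=$(mktemp) || return 1
    table_rules "$2" > "$saved_tmp"
    table_rules "$1" | grep -Fxv -f "$saved_tmp" || true
    rm -f "$saved_tmp"
}

# Succeeds if the dump ($1) has a DROP or REJECT rule for source address $2.
is_blocked() {
    ip_re=$(printf '%s' "$2" | sed 's/\./\\./g')
    table_rules "$1" | grep -Eq -e "-s ${ip_re}(/32)? .*-j (DROP|REJECT)"
}

# Constructed sample data (documentation addresses, not from the thread).
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/saved" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
cat > "$SAMPLE_DIR/running" <<'EOF'
*filter
:INPUT ACCEPT [120:9000]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 203.0.113.7/32 -j DROP
-A INPUT -s 198.51.100.0/24 -j DROP
COMMIT
EOF

echo "Rules in the running set that are not in the stored file:"
unsaved_rules "$SAMPLE_DIR/running" "$SAMPLE_DIR/saved"
```

If `unsaved_rules` lists the block rules, they exist only in the active ruleset; if `is_blocked` fails for an address the script should have added, the rule never reached the running set at all.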