If we are to use iptables in place of the SUSE firewall on Linux, we will also need to create a System V init script in /etc/init.d to give us good control of our firewall service. Iptables is always loaded with the kernel, so we do not start or stop the iptables firewall; we simply load one configuration and then another. For the STOP condition we set the firewall to allow everything; for the START condition we drop everything except those packets we wish to pass the firewall. STATUS is simply an iptables -nvL.
- STATUS => iptables -nvL
- STOP => iptables-restore < FW_STOP
- START => iptables-restore < FW_START
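
A minimal control script for the three actions listed above, as an added example rather than the author's own script. FW_START and FW_STOP are the two ruleset files named in the list; their paths, the sample loopback/SSH policy, and the `IPTABLES`/`IPTABLES_RESTORE` override variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the page's script. Paths below are hypothetical.
FW_START=${FW_START:-/etc/sysconfig/iptables.start}
FW_STOP=${FW_STOP:-/etc/sysconfig/iptables.stop}
IPTABLES=${IPTABLES:-iptables}
IPTABLES_RESTORE=${IPTABLES_RESTORE:-iptables-restore}

# Write a constructed sample pair of rulesets in iptables-save format.
fw_write_samples() {
    # STOP: every filter chain accepts, no rules.
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' \
        ':OUTPUT ACCEPT [0:0]' 'COMMIT' > "$FW_STOP"
    # START: default DROP inbound; allow loopback, replies and SSH (sample policy).
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
        '-A INPUT -p tcp --dport 22 -j ACCEPT' \
        'COMMIT' > "$FW_START"
}

# Load one ruleset. iptables-restore replaces only the tables named in the
# file, so a STOP file listing just *filter leaves nat and mangle untouched.
fw_load() {
    # 6 is the LSB init-script exit code for "program is not configured".
    [ -r "$1" ] || { echo "ruleset not readable: $1" >&2; return 6; }
    "$IPTABLES_RESTORE" < "$1"
}

fw_ctl() {
    case "$1" in
        start)  fw_load "$FW_START" ;;
        stop)   fw_load "$FW_STOP" ;;
        status) "$IPTABLES" -nvL ;;
        *)      echo "Usage: $0 {start|stop|status}" >&2; return 2 ;;
    esac
}

# Dispatch only when called with an action, e.g. "start".
[ $# -eq 0 ] || fw_ctl "$1"
```

Because START and STOP are each a single `iptables-restore` call, switching between them never passes through a half-built rule set.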