• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Load additional iptables modules (nat helpers)
2#   Default: -none-
3# Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which
4# are loaded after the firewall rules are applied. Options for the helpers are
5# stored in /etc/modprobe.conf.
6IPTABLES_MODULES=""
7
8# Save current firewall rules on stop.
9#   Value: yes|no,  default: no
10# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped
11# (e.g. on system shutdown).
12IPTABLES_SAVE_ON_STOP="no"
13
14# Save current firewall rules on restart.
15#   Value: yes|no,  default: no
16# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets
17# restarted.
18IPTABLES_SAVE_ON_RESTART="no"
19
20# Save (and restore) rule and chain counter.
21#   Value: yes|no,  default: no
22# Save counters for rules and chains to /etc/sysconfig/iptables if
23# 'service iptables save' is called or on stop or restart if SAVE_ON_STOP or
24# SAVE_ON_RESTART is enabled.
25IPTABLES_SAVE_COUNTER="no"
26
27# Numeric status output
28#   Value: yes|no,  default: yes
29# Print IP addresses and port numbers in numeric format in the status output.
30IPTABLES_STATUS_NUMERIC="yes"
31
32# Verbose status output
33#   Value: yes|no,  default: yes
34# Print info about the number of packets and bytes plus the "input-" and
35# "outputdevice" in the status output.
36IPTABLES_STATUS_VERBOSE="no"
37
38# Status output with numbered lines
39#   Value: yes|no,  default: yes
40# Print a counter/number for every rule in the status output.
41IPTABLES_STATUS_LINENUMBERS="yes"
42
43# Reload sysctl settings on start and restart
44#   Default: -none-
45# Space separated list of sysctl items which are to be reloaded on start.
46# List items will be matched by fgrep.
47#IPTABLES_SYSCTL_LOAD_LIST=".nf_conntrack .bridge-nf"
48
49# Set wait option for iptables-restore calls in seconds
50#   Default: 600
51# Set to 0 to deactivate the wait.
52#IPTABLES_RESTORE_WAIT=600
53
54# Set wait interval option for iptables-restore calls in microseconds
55#   Default: 1000000
56# Set to 100000 to try to get the lock every 100000 microseconds, 10 times a
57# second.
58# Only usable with IPTABLES_RESTORE_WAIT > 0
59#IPTABLES_RESTORE_WAIT_INTERVAL=1000000
60