How do I stop system-config-securitylevel from writing the iptables config?
I want to write the iptables on my own and make the rules persistent after a reboot.
Right now system-config-securitylevel is poking in the config which is really annoying.
There must be a simple way to achieve this. Unfortunately I can't find it.
I can't imagine Redhat hasn't thought about that.

or is it a plain "yum remove system-config-securitylevel-tui" which will remove firstboot-tui too?

Thanks a lot

system-config-securitylevel isn't actively rewriting your firewall, it's just that on boot the saved rules get restored and those happen to be the rules generated by system-config-securitylevel in your case. Uninstalling that tool isn't going to change what rules get loaded at boot time.

You can just modify your iptables rules and execute 'service iptables save' to persist the current rules and those will get loaded again after a reboot.

You could also manually edit /etc/sysconfig/iptables (that is where the rules get saved) and run 'service iptables restart' to activate them if you like.

Thanks breun,

so if no one is using system-config-securitylevel-tui nothing will be overwritten at any time and the iptbales config I have made and saved will stay vali, even after reboot?
Thanks a lot for your quick help.

After you modify your rules you do need to run 'service iptables save' or the new rules won't be saved for the next startup.

Thanks a lot