How to avoid locking yourself out via iptables...
It’s even easier if you use my Pyroman firewall config tool (apt-get install pyroman). If you run pyroman safe, it will execute the new firewall rules - and if you don’t type OK within 30 seconds, it will undo all changes. Note that it can also restore to a configuration set by a different firewall app. (It just restores the old iptables state and feeds it back to iptables - it will support anything your iptables version does.)
Oh, and it’s much faster than the other firewall scripts I’ve tested so far, since it doesn’t spawn hundreds of iptables processes, but only one iptables-restore for setting the new rules in one transaction.
Check the web page for other benefits; should just work on any Linux distribution with iptables and python (read: every).
[Update: Martin, I was referring to the instructions you gave, to adding an at job and then running atrm to accept the changes. Yeah, what your script does is basically the same as what mine does for rollback.]
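The confirm-or-rollback idea described above, as an added shell sketch (this is not Pyroman's code, and the background watchdog is one way to do it, not necessarily how Pyroman does). SAVE_CMD, RESTORE_CMD, CONFIRM_TIMEOUT and safe_apply are names assumed for this example; the real commands are iptables-save and iptables-restore.

```shell
#!/bin/sh
# Added example, not Pyroman's code: apply a ruleset, undo it unless confirmed.
# SAVE_CMD, RESTORE_CMD and CONFIRM_TIMEOUT are names assumed for this sketch.
SAVE_CMD=${SAVE_CMD:-iptables-save}
RESTORE_CMD=${RESTORE_CMD:-iptables-restore}
CONFIRM_TIMEOUT=${CONFIRM_TIMEOUT:-30}

# safe_apply RULES_FILE -> 0 kept, 1 rolled back, 2 could not take a snapshot
safe_apply() {
    new_rules=$1
    backup=$(mktemp) || return 2
    # Snapshot whatever is loaded now, whichever tool created it.
    $SAVE_CMD > "$backup" || { rm -f "$backup"; return 2; }

    # Arm the rollback before touching the ruleset. It ignores SIGHUP so it
    # still fires if the SSH session dies. Renaming the snapshot is atomic, so
    # exactly one of watchdog and confirmation decides the outcome.
    (
        trap '' HUP
        sleep "$CONFIRM_TIMEOUT"
        mv "$backup" "$backup.undo" 2>/dev/null || exit 0
        $RESTORE_CMD < "$backup.undo"
        rm -f "$backup.undo"
    ) &
    watchdog=$!

    answer=
    # One restore call loads the whole file, instead of one process per rule.
    if $RESTORE_CMD < "$new_rules"; then
        printf 'Type OK within %s seconds to keep the new rules: ' "$CONFIRM_TIMEOUT" >&2
        read -r answer || true
    fi

    if [ "$answer" = OK ] && mv "$backup" "$backup.keep" 2>/dev/null; then
        kill "$watchdog" 2>/dev/null || true
        rm -f "$backup.keep"
        return 0
    fi
    # Declined, load failed, or too late: undo now unless the watchdog did.
    if mv "$backup" "$backup.now" 2>/dev/null; then
        kill "$watchdog" 2>/dev/null || true
        $RESTORE_CMD < "$backup.now"
        rm -f "$backup.now"
    else
        wait "$watchdog" || true
    fi
    return 1
}
```

Run it as root from the session you might lock out, for example safe_apply /etc/firewall.rules (a placeholder path); if the session hangs, the watchdog restores the snapshot on its own.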