Wrapper functions like SuSEFirewall2

Hey everyone, I have a question. I'm administering a linux machine that runs openSuSE. A few of the functions that I'd normally do manually, have programs that take over the task. For example, I wanted to add a few rules to my iptables. I then found out that there is an openSuse tool (SuSEfirewall2). Another exists for DNS configuration. Is using these tools mandatory?

I tried making the iptables changes the normal way by editing the file, but it didn't seem to work. Once I did the same changes with SuSEFirewall2, it seemed to work. I'm not sure if me using the suse firewall is what helped though.

So my question is, in linux in general, when there is a 'wrapper' tool like these, that edit the files for us, are we obligated to use them or can we by pass the function and do it manually?

Did the act of me using the openSusefirewall2 tool cause it to add something that I couldn't have by manually editing the iptables file?

Without knowing what you did, it's very difficult to know why it didn't work. I do know that I don't know many iptables configuration tools but I do know a lot of iptables configuration generators -- they tend to replace the firewall configuration wholesale, not edit it.

This is by no means the rule.

Thanks for the reply, yea that's what I meant to call it, it's a generator. So yea perhaps when I used the SuSeFirewall2 it overrode the manually edited iptables file completely and replaced it with my apparently more correct version.

Must have, yes. It's usually a one-way translation, the way souce code to exe is a one way translation. Trying to go backwards involves a lot of detective work into what the intent of the rule was.

It's certainly possible to edit the resulting rules by hand, but then, you can't really use the generator any more -- it would override your changes.