ok solved.
The problem was that the startup script of bastille made a check of the kernel installed (with uname...etcetc).
Control that the kernel is newer than 2.3...but the awk syntax used it's ok onlt for all kernel from 2.3 to 2.9
If you have (like me) a kernel newer than 2.9 (like the brand new 3.0 kernel...) the startup script not start netfilter....
Change on /etc/rc.d/init.d/bastille-firewall on row (85 or 86...)
the if statement.
[FROM] if [ -n "$(uname -r | awk -F. ' $1 == 2 && $2 > 2 {print}')" ]; then
[TO] if [ -n "$(uname -r | awk -F. ' $1 == 3 {print}')" ]; then
next i had to save the configuration on sysconfig/iptables (on centos) with the command:
/sbin/service iptables save
just before the last case statement on this same script..
Hope it usefull..
