Re: kadischi post failed -- Reposted here -- iptables always started no matter what

From: "j.e.aneiros" <jesus.aneiros@xxxxxxxxx>
Date: Fri, 26 Aug 2011 17:34:29 -0400

On Fri, Aug 26, 2011 at 5:14 PM, Phil Meyer <pmeyer@xxxxxxxxxxxxxxxx> wrote:

Please tolerate this post intended for the livecd-creator list. They
are bouncing me now days. Maybe its time I changed deodorant? I dunno ...

I am desperate!

---

livecd-tools-15.7-1.fc15.x86_64

Kickstarts all contain:

firewall --disabled
selinux --disabled

I even went as far as this:

%packages
---
[stuff deleted]
---
-system-config-firewall*

and

%post
---
[stuff deleted]
---
/sbin/chkconfig iptables off
/sbin/chkconfig ip6tables off
echo '#' > /etc/sysconfig/iptables
echo '#' > /etc/sysconfig/ip6tables
echo '#' > /etc/sysconfig/iptables-config
echo '#' > /etc/sysconfig/ip6tables-config
echo "#\n--disabled" > /etc/sysconfig/system-config-firewall
%end

Could you use service iptables stop and service ip6tables stop ?

You could also use chkconfig to deactivate the firewalls

--aneiros

What happens is that /etc/sysconfig/iptables, /etc/sysconfig/iptables,

and /etc/sysconfig/system-config-firewall ALWAYS get recreated AFTER
%post runs!

That causes the iptables kernel modules to load, and filtering started,
even though iptables is actually configured for off and does not start.

What is doing that? I cannot find it.

Any help is appreciated.

Thanks!
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

--
J. E. Aneiros
GNU/Linux User #190716 en http://counter.li.org
perl -e '$_=pack(c5,0105,0107,0123,0132,(1<<3)+2);y[A-Z][N-ZA-M];print;'
PK fingerprint: 5179 917E 5B34 F073 E11A AFB3 4CB3 5301 4A80 F674
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

References:
- kadischi post failed -- Reposted here -- iptables always started no matter what
  - From: Phil Meyer

Prev by Date: kadischi post failed -- Reposted here -- iptables always started no matter what
Next by Date: Re: configuring bridge with wlan0 on libvirt (KVM) (RHEL6)
Previous by thread: kadischi post failed -- Reposted here -- iptables always started no matter what
Index(es):
- Date
- Thread

Relevant Pages

RE: Networking problem
... I am running a firewall that accepts specific connection on ... I still am unable to ping that machine and it is unable to ping me. ... To unsubscribe or change subscription options: ... Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines ...
(Fedora)
Re: telnet to adjacent computer fails
... SELINUX has nothing to do with the firewall ... To unsubscribe or change subscription options: ... Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines ...
(Fedora)
Re: Help with network
... Actually the proper command to show all the details would have been: ... I suggest you stop the firewall for a moment while doing your test. ... To unsubscribe or change subscription options: ... Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines ...
(Fedora)
Re: system-config-printer cant find my remote printer ??
... iptables (the firewall). ... Kevin Kofler ... Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines ...
(Fedora)
Re: F13 - cant detect network printer
... forgot to mention: Firewall is disabled. ... To unsubscribe or change subscription options: ... Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines ...
(Fedora)