Re: Iptables not starting

From: noi (noi_at_siam.com)
Date: 09/27/05


Date: Tue, 27 Sep 2005 18:08:04 GMT

On Mon, 26 Sep 2005 23:09:35 -0500, John Crane wrote this:

> Hello,
> I'm running RHEL3, kernel 2.4 with iptables 1.2.8 installed.
>
> I entered services iptables start and I didn't see any messages like
> failed or OK. I checked to see if /etc/sysconfig/iptables exists but it
> didn't so I created it.
> touch /etc/sysconfig/iptables
> chmod 600 /etc/sysconfig/iptables

Hmmm, I think it should be w/o service

$ sudo /usr/sbin/iptables start
$ sudo iptables -L --line-numbers -n -x -v

There should be a GUI for creating the basic firewall;
otherwise create a text file containing your rules, something like:

# in some text file
# Generated by iptables-save v1.2.6a on Tue Dec 31 14:51:50 2002
# Manual update Wed Aug 13 11:33:50 2003
*filter
:INPUT ACCEPT [8138:8937580]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [7062:784253]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT -s 192.168.0.1 -p udp -m udp --sport 53 --dport 1025:65535 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 23 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A RH-Lokkit-0-50-INPUT -i eth0 -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
# every table must end with COMMIT; iptables-restore applies the rules only when it reads it
COMMIT

Then clear iptables and load the file:
$ su
root$ iptables -F
root$ iptables-restore < test_iptable.txt
root$ iptables-save > good_iptable.txt

The above can be done with sudo, but this must be done as root:
root$ cp good_iptable.txt /etc/sysconfig/iptables
root$ exit

>
> Now I see the message Applying iptables firewall rules. But then I check
> the status of the firewall and it is stopped. How do I start the firewall?
>
> Thx,
> John
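The reply above hand-writes a rules file in iptables-save format and feeds it to iptables-restore, which is exactly where a ruleset can fail to load while the init script prints nothing useful. The checker below is an added example, not code from the thread: it lints such a file offline for the format errors that make iptables-restore reject a table or never apply it (a rule appended to a chain that was never declared, a jump to an unknown target, and a table with no closing COMMIT). The sample ruleset is a shortened copy of the one posted, constructed here for the test.

```python
import re

# iptables-save format: "*table", ":CHAIN POLICY [pkts:bytes]" declarations,
# "-A CHAIN ..." rules, and a "COMMIT" line that actually applies the table.
BUILTIN = {"filter": {"INPUT", "FORWARD", "OUTPUT"}}
TARGETS = {"ACCEPT", "DROP", "REJECT", "RETURN", "LOG"}
CHAIN_RE = re.compile(r"^:(\S+) (ACCEPT|DROP|-) \[\d+:\d+\]$")
JUMP_RE = re.compile(r" -[jg] (\S+)")

def lint_iptables_save(text):
    """Return problems that stop iptables-restore loading the ruleset ([] = looks loadable)."""
    problems, table, chains, committed = [], None, set(), False
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # comments and blank lines are ignored
        if line.startswith("*"):          # new table: reset per-table state
            table, chains, committed = line[1:], set(BUILTIN.get(line[1:], ())), False
        elif line == "COMMIT":
            committed = True
        elif line.startswith(":"):        # built-in or user chain declaration
            m = CHAIN_RE.match(line)
            if m:
                chains.add(m.group(1))
            else:
                problems.append(f"line {n}: malformed chain declaration '{line}'")
        elif line.startswith("-A "):
            chain = line.split()[1]
            if chain not in chains:
                problems.append(f"line {n}: rule appended to undeclared chain {chain}")
            m = JUMP_RE.search(line)
            if m and m.group(1) not in chains | TARGETS:
                problems.append(f"line {n}: jump to unknown chain/target {m.group(1)}")
        else:
            problems.append(f"line {n}: unrecognised line '{line}'")
    if table and not committed:
        problems.append(f"table {table} has no COMMIT, so none of its rules would be applied")
    return problems

# Constructed sample: the post's ruleset, shortened, and as posted without a COMMIT.
SAMPLE = """\
*filter
:INPUT ACCEPT [8138:8937580]
:OUTPUT ACCEPT [7062:784253]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
"""
```

Run `lint_iptables_save(SAMPLE)` to see the missing COMMIT reported; appending `COMMIT\n` makes the result empty, and only then is the file worth copying to /etc/sysconfig/iptables.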


