Am 07.07.2013 14:57, schrieb Bob Metelsky:
very perplexed here - I need to turn off iptables. Ive tried
Why do you have to turn off the local firewall?
service iptables save service iptables stop chkconfig iptables off
service ip6tables save service ip6tables stop chkconfig ip6tables off
edited OPGX280 ~ # cat /etc/sysconfig/system-config-firewall # Configuration file for system-config-firewall --disabled --service=ssh
OPGX280 ~ :( # cat /etc/selinux/config SELINUX=disabled
Bad practice.
OPGX280 ~ :( # chkconfig |grep ip ip6tables 0:off 1:off 2:off 3:off 4:off 5:off 6:off ipmievd 0:off 1:off 2:off 3:off 4:off 5:off 6:off ipsec 0:off 1:off 2:off 3:off 4:off 5:off 6:off iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off ipvsadm 0:off 1:off 2:off 3:off 4:off 5:off 6:off
Yet - when I reboot iptables gets started - if I run
OPGX280 ~ # /etc/rc.d/init.d/iptables status Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 3 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 state RELATED,ESTABLISHED 2 ACCEPT all -- 192.168.122.0/24 0.0.0.0/0 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 4 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Note --> 192.168.122.0/24 is NOT my network, I just want the status to tell me iptables is NOT running
That's a VMware (ESXi or such) based virtual machine, right? 192.168.122.0/24 is the default VMware NAT network assignment. It comes from the VMware tools. These tools take care that a NAT network setup will work.
What else can I look for??
Thanks Bob
Alexander
P.S. If you reply then please follow the general rule to not top-post and to trim your quotes. Thanks.