hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
thanks, t. hiep
On Tue, Mar 11, 2008 at 1:25 PM, Hiep Nguyen hiep@ee.ucr.edu wrote:
hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
chkconfig iptables off
On 11/03/2008, Hiep Nguyen hiep@ee.ucr.edu wrote:
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
service iptable stop
chkconfig --level 2345 iptables off
HTH. Alan.
On Tue, Mar 11, 2008 at 11:25:33AM -0700, Hiep Nguyen wrote:
hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
As root:
# chkconfig iptables off # service iptables stop
Ray
On Tue, 11 Mar 2008, Ray Van Dolson wrote:
On Tue, Mar 11, 2008 at 11:25:33AM -0700, Hiep Nguyen wrote:
hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
As root:
# chkconfig iptables off # service iptables stop
i reviewed my notes and that's what i did:
#chkconfig iptables off
is there any other actions that trigger this back on when reboot?
thanks, t. hiep
In article Pine.LNX.4.64.0803111143210.26481@storm.ee.ucr.edu, Hiep Nguyen hiep@ee.ucr.edu wrote:
On Tue, 11 Mar 2008, Ray Van Dolson wrote:
On Tue, Mar 11, 2008 at 11:25:33AM -0700, Hiep Nguyen wrote:
hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
As root:
# chkconfig iptables off # service iptables stop
i reviewed my notes and that's what i did:
#chkconfig iptables off
Did you type the '#'? The # represents the root shell prompt, and should not be typed in. If you type it, it makes the whole line a comment which isn't an error, but does nothing! Since chkconfig also produces no output, it would be hard to tell the difference!
is there any other actions that trigger this back on when reboot?
Not that I'm aware of. Do these two commands, and check that the second command shows "Off" against all runlevels:
chkconfig iptables off chkconfig --list iptables
Cheers Tony
Hiep Nguyen wrote:
hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
man chkconfig
or try system-config-services
On Tuesday 11 March 2008 14:25:33 Hiep Nguyen wrote:
hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
Of course that has nothing to do with SELinux. Iptables is the firewall. You stopped the firewall, but did not remove the setting that is executed when you boot.
If that is really what you want to do then remove iptables from the rc directory. It depends on which distro you have but on RH compatible distro's, such as CentOS it is in /etc/rc3.d/ and /etc/rc5.d.
The name is prefixed with an S and a number which indicates it's startup position. For example S10iptables.
It is a shortcut or link as it's called in Linux and you can safely remove it. The actual iptables startup script is in /etc/init.d and should not be deleted.
on 3-11-2008 11:34 AM Bobby spake the following:
On Tuesday 11 March 2008 14:25:33 Hiep Nguyen wrote:
hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
Of course that has nothing to do with SELinux. Iptables is the firewall. You stopped the firewall, but did not remove the setting that is executed when you boot.
If that is really what you want to do then remove iptables from the rc directory. It depends on which distro you have but on RH compatible distro's, such as CentOS it is in /etc/rc3.d/ and /etc/rc5.d.
The name is prefixed with an S and a number which indicates it's startup position. For example S10iptables.
It is a shortcut or link as it's called in Linux and you can safely remove it. The actual iptables startup script is in /etc/init.d and should not be deleted.
Instead of adding and deleting shortcuts manually and accidentally breaking something, use chkconfig (man chkconfig).
On Tue, Mar 11, 2008 at 12:16:53PM -0700, Ray Van Dolson alleged:
Instead of adding and deleting shortcuts manually and accidentally breaking something, use chkconfig (man chkconfig).
I think this thread has successfully covered all ways to skin a cat...
- chkconfig
- system-config-firewall/securitylevel
- manually
- system-config-services
pfft.
rpm -e iptables rm -f /etc/sysconfig/iptables echo > /etc/sysconfig/iptables chmod 0 /etc/rc.d/init.d/iptables echo > /etc/rc.d/init.d/iptables
service iptables stop; service iptables save
On 11/03/2008, Ray Van Dolson rvandolson@esri.com wrote:
I think this thread has successfully covered all ways to skin a cat...
- chkconfig
- system-config-firewall/securitylevel
- manually
- system-config-services
Agreed. (But I don't want to mention RTFM.) D'oh - I've just typed it!
Alan.
On 3/11/08, Alan Bartlett ajb.stxsl@googlemail.com wrote:
On 11/03/2008, Ray Van Dolson rvandolson@esri.com wrote:
I think this thread has successfully covered all ways to skin a cat...
- chkconfig
- system-config-firewall/securitylevel
- manually
- system-config-services
Agreed. (But I don't want to mention RTFM.) D'oh - I've just typed it!
Alan.
but no-one has mentioned ntsysv yet
:-)
mike
On Tue, Mar 11, 2008 at 11:25:33AM -0700, Hiep Nguyen alleged:
hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
Btw, your subject says selinux, but the body says iptables. I bring this up not to nitpick, but because you might not know that they different and mostly unrelated things.
i know now. thanks.
#chkconfig --list iptables shows all levels. i have to turn off all.
t. hiep
On Tue, Mar 11, 2008 at 11:25:33AM -0700, Hiep Nguyen alleged:
hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
Btw, your subject says selinux, but the body says iptables. I bring this up not to nitpick, but because you might not know that they different and mostly unrelated things.
Hiep Nguyen wrote:
hi all, i asked this topic couple days ago, but i have problem again.
for some reasons, iptables was turned on again. is there any way to disable iptables completely?
this is what i did last time: #service iptables stop
iptables != selinux, they are two completely different things.
instead of manually disabling the service entries, you can configure the firewalling to 'disabled' with `system-config-securitylevel`
-
Alan Bartlett -
Bobby -
Garrick Staples -
Hiep Nguyen -
Jeff Larsen -
John R Pierce -
Michael Simpson -
Nicolas Thierry-Mieg -
Ray Van Dolson -
Scott Silva -
tony@softins.clara.co.uk