[CentOS] Firewall will not disable - stumped!

Earl A Ramirez earlaramirez at gmail.com
Sun Jul 7 13:02:38 UTC 2013 

On 7 July 2013 20:57, Bob Metelsky <bob.metelsky at gmail.com> wrote:

> very perplexed here - I need to turn off iptables. Ive tried
>
> service iptables save
> service iptables stop
> chkconfig iptables off
>
> service ip6tables save
> service ip6tables stop
> chkconfig ip6tables off
>
> edited
> OPGX280 ~ # cat  /etc/sysconfig/system-config-firewall
> # Configuration file for system-config-firewall
> --disabled
> --service=ssh
>
> OPGX280 ~ :( # cat  /etc/selinux/config
> SELINUX=disabled
>
> OPGX280 ~ :( # chkconfig |grep ip
> ip6tables       0:off   1:off   2:off   3:off   4:off   5:off   6:off
> ipmievd         0:off   1:off   2:off   3:off   4:off   5:off   6:off
> ipsec           0:off   1:off   2:off   3:off   4:off   5:off   6:off
> iptables        0:off   1:off   2:off   3:off   4:off   5:off   6:off
> ipvsadm         0:off   1:off   2:off   3:off   4:off   5:off   6:off
>
>
> Yet - when I reboot  iptables gets started  - if I run
>
> OPGX280 ~ # /etc/rc.d/init.d/iptables status
> Table: filter
> Chain INPUT (policy ACCEPT)
> num  target     prot opt source               destination
> 1    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp
> dpt:53
> 2    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
> dpt:53
> 3    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp
> dpt:67
> 4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
> dpt:67
>
> Chain FORWARD (policy ACCEPT)
> num  target     prot opt source               destination
> 1    ACCEPT     all  --  0.0.0.0/0            192.168.122.0/24    state
> RELATED,ESTABLISHED
> 2    ACCEPT     all  --  192.168.122.0/24     0.0.0.0/0
> 3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> 4    REJECT     all  --  0.0.0.0/0            0.0.0.0/0
> reject-with icmp-port-unreachable
> 5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0
> reject-with icmp-port-unreachable
>
>
> Note -->  192.168.122.0/24 is NOT my network, I just want the status to
> tell me iptables is NOT running
>
> What else can I look for??
>
> Thanks
> Bob
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

Hi Bob,

I am just shooting in the dark here, have you tried /sbin/iptables -F

-- 
Kind Regards
Earl Ramirez

More information about the CentOS mailing list