ipchains on redhat 7.2


Post by Andrew W » Thu, 24 Jan 2002 15:48:35



hi,

Does anyone know how I can fine-tune ipchains on Redhat 7.2?
If I use lokkit I can only choose high, medium or low, and I can
add additional protocols, e.g. ntp. But how can I set up, say, ssh
with certain IPs? I tried modifying /etc/sysconfig/ipchains,
but on reboot it reports errors on my entries.

I don't have X installed, so I cannot use the gnome tool to make
the changes. Is there a command-line tool for me to fine-tune
and save the entries?

Thanks.

 
 
 


Post by Slas » Thu, 24 Jan 2002 16:52:56



> hi,

> Does anyone know how I can fine-tune ipchains on Redhat 7.2?
> If I use lokkit I can only choose high, medium or low, and I can
> add additional protocols, e.g. ntp. But how can I set up, say, ssh
> with certain IPs? I tried modifying /etc/sysconfig/ipchains,
> but on reboot it reports errors on my entries.

> I don't have X installed, so I cannot use the gnome tool to make
> the changes. Is there a command-line tool for me to fine-tune
> and save the entries?

> Thanks.

hi,

RH 7.2 2.4 9-13 uses iptables instead of ipchains.
You must stop the ipchains service and look if the iptables are working
right.

And look for more help!
Let me know too, because I'm struggling with the iptables too.

--

Greetings,

Slash


 
 
 


Post by D. Stimit » Fri, 25 Jan 2002 13:45:46



> hi,

> Does anyone know how I can fine-tune ipchains on Redhat 7.2?
> If I use lokkit I can only choose high, medium or low, and I can
> add additional protocols, e.g. ntp. But how can I set up, say, ssh
> with certain IPs? I tried modifying /etc/sysconfig/ipchains,
> but on reboot it reports errors on my entries.

> I don't have X installed, so I cannot use the gnome tool to make
> the changes. Is there a command-line tool for me to fine-tune
> and save the entries?

> Thanks.

A little known fact, Redhat has broken init scripts. Ipchains and
iptables are mutually exclusive, if one is loaded or supported, the
other *cannot*. If you expect ipchains rules to be active at boot, and
iptables loads, you are SOL. And it will not report the error, it will
quietly hide it. This might not be your particular error, but it is one
cause of ipchains or iptables failing...the other one has been loaded as
a module or compiled in.

You might want to go in as root to /etc/rc.d/init.d/ and run ./ipchains
restart rather than rebooting, you'll get more testing done that way. Do
NOT depend on the results that ./ipchains reports, it will not always
tell you the truth (the Redhat broken script thing, been in bugzilla
forever, someone decided it wasn't a bug to be lied to about a fatal
security flaw). Use /sbin/ipchains -L -n and see if rules are listed
once the restart script no longer complains. FYI,
/etc/sysconfig/ipchains rules are abbreviated. Here is a sample to deny:

-A input -p tcp  -s 0/0  -d 127.0.0.1/8 21  -i ppp0  -y -j DENY
-A input -p tcp  -s 0/0  -d 127.0.0.1/8 22  -i ppp0  -y -j DENY
-A input -p tcp  -s 0/0  -d 127.0.0.1/8 23  -i ppp0  -y -j DENY

Just keep commenting them out with leading hash marks "#" until it
works, then uncomment them one at a time till you find what breaks it.
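
The two checks from the reply above, as an added example that is not part of the thread: `loaded_filter` reads `lsmod` output to show which filter is actually loaded, and `first_bad_rule` automates the one-rule-at-a-time search through /etc/sysconfig/ipchains. The function names, the module names `ipchains` and `ip_tables`, the sample rules and the `fake_ipchains` stand-in are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Names and sample data are constructed.

# Read lsmod-style text on stdin and print which packet filter is loaded.
# Assumes module names "ipchains" and "ip_tables"; a filter compiled into
# the kernel does not show up in lsmod at all.
loaded_filter() {
    awk '$1 == "ipchains"  { c = 1 }
         $1 == "ip_tables" { t = 1 }
         END { print (c ? "ipchains" : (t ? "iptables" : "none")) }'
}

# first_bad_rule FILE CMD [ARGS...]
# Pass each "-A ..." line of FILE to CMD, one rule per call. Prints
# "LINENO: rule" and returns 1 at the first rule CMD rejects, else returns 0.
# Comments, blank lines and ":chain POLICY" lines are skipped.
first_bad_rule() (
    set -f                      # no globbing when the rule is word-split
    file=$1; shift; n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in -A*) ;; *) continue ;; esac
        if ! "$@" $line </dev/null >/dev/null 2>&1; then
            printf '%s: %s\n' "$n" "$line"
            return 1
        fi
    done < "$file"
    return 0
)

# Constructed sample in the file's abbreviated style: ssh allowed from one
# address (192.0.2.10, a documentation address), denied from everywhere
# else; the last rule has a misspelled target.
sample_rules() {
    cat <<'EOF'
# constructed sample
:input ACCEPT
-A input -p tcp -s 192.0.2.10/32 -d 0/0 22 -y -j ACCEPT
-A input -p tcp -s 0/0 -d 0/0 22 -y -j DENY
-A input -p tcp -s 0/0 -d 0/0 23 -y -j DENNY
EOF
}

# Stand-in for /sbin/ipchains so this runs without root or a 2.4 kernel:
# accepts a rule only when its last word is ACCEPT, DENY or REJECT.
fake_ipchains() {
    for last in "$@"; do :; done
    case $last in ACCEPT|DENY|REJECT) return 0 ;; *) return 1 ;; esac
}
```

On the real host, pipe `lsmod` into `loaded_filter` and pass `/sbin/ipchains` in place of `fake_ipchains`; each accepted rule is then appended to the live chains, so confirm the result with `/sbin/ipchains -L -n` afterwards.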


 
 
 

1. Redhat 7.2 - ipchains (i need an idiots access method)

After goofing around with xinetd and trying to figure out why I could see
incoming packets for my pop3 port but my server never responded - I figured
out it was cause my ipchains ruleset was in a twist (hehe I don't know the port
so I'm not going to talk!)

Does anyone know a simple method of administering the ipchains rules without
having to translate addresses to CIDR notation, dig up the rule syntax and add
the new or adjusted rule manually to the /etc/sysconfig/ipchains (which is not
recommended by the way)??
