Re: The default firewall script in FC4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun August 28 2005 9:52 am, Craig White wrote:
> On Sun, 2005-08-28 at 14:44 +0100, Timothy Murphy wrote:
> > Claude Jones wrote:
> > > If you install Shorewall or Firestarter, make sure you turn OFF the
> > > basic firewall that's installed with FC - otherwise you'll end up with
> > > shadowed rules and inexplicable issues.
> >
> > How do you turn it off?
> > There does not appear to be a firewall service.
>
> ----
> service iptables off
> ----

I'm a visual person, so, if you like the GUI way, you can also go to 
Kmenu/System Settings/Security Level  -  I recall there being a similar menu 
item in Gnome, but I don't use Gnome so I don't remember it.

>
> > I am using shorewall, and didn't turn anything off,
> > and don't seem to have any "inexplicable issues" ...
>
> ----
> not sure about this myself. I suppose that if firestarter were loaded
> before the iptables service, the iptables service probably flushes the
> current ruleset when it loads, thereby losing any rules that you may
> have configured. Seems to be prudent advice

When I first was struggling with learning iptables and firewalls, I got bit by 
this very issue - iptables was being started at boot, and so was Firestarter; 
I don't remember the sequence or details, but somehow, both rulesets were 
activated, and it was creating curious problems. It must be that Firestarter 
was starting first, because it starts by flushing iptables, then writing it's 
own ruleset; iptables must have been just appending it's rules to the 
firestarter set. I found the suggestion to turn off iptables with chkconfig 
and that fixed the problem. 

-- 
Claude Jones
Bluemont, VA, USA


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux