On Sun August 28 2005 9:52 am, Craig White wrote: > On Sun, 2005-08-28 at 14:44 +0100, Timothy Murphy wrote: > > Claude Jones wrote: > > > If you install Shorewall or Firestarter, make sure you turn OFF the > > > basic firewall that's installed with FC - otherwise you'll end up with > > > shadowed rules and inexplicable issues. > > > > How do you turn it off? > > There does not appear to be a firewall service. > > ---- > service iptables off > ---- I'm a visual person, so, if you like the GUI way, you can also go to Kmenu/System Settings/Security Level - I recall there being a similar menu item in Gnome, but I don't use Gnome so I don't remember it. > > > I am using shorewall, and didn't turn anything off, > > and don't seem to have any "inexplicable issues" ... > > ---- > not sure about this myself. I suppose that if firestarter were loaded > before the iptables service, the iptables service probably flushes the > current ruleset when it loads, thereby losing any rules that you may > have configured. Seems to be prudent advice When I first was struggling with learning iptables and firewalls, I got bit by this very issue - iptables was being started at boot, and so was Firestarter; I don't remember the sequence or details, but somehow, both rulesets were activated, and it was creating curious problems. It must be that Firestarter was starting first, because it starts by flushing iptables, then writing it's own ruleset; iptables must have been just appending it's rules to the firestarter set. I found the suggestion to turn off iptables with chkconfig and that fixed the problem. -- Claude Jones Bluemont, VA, USA
