Tim;
I understand that.
When I ask to stop a service it should stop, period. I shouldn't see the GUI
telling me its still running. Doing this for ip6tables it works as expected.
You stop it, it stops and the GUI says so. Disable it, its disabled, and the
GUI shows that too. And it stays disabled and not running when you reboot
the machine.
Now do that with iptables. First it won't stop. Then I tried the CLI route,
which totally flushed out any rules. The service was disabled through the
GUI too. Rebooting the machine the service is shown as disable but running,
duh! Using the CLI I see a bunch of rules are loaded, again, @#$%! This
should not happen. If I configured a service to be disabled it should stay
that way, and not run, after a reboot.
Clicking on the "Customize" menu item, in the Service Configuration GUI
tool, only run levels 2 though 5 are listed and all show the service as
disabled for those run levels. That's for both ip6tables and iptables.
So why does ip6tables work differently from iptables? In my mind they should
configure and work the same way from the administrator's point of view.
If it makes a difference, and I found with getting a pop-up dialog box
asking for root's password, it makes a difference if I'm at a directly
connected console or accessing the box using VNC, which is how I normally
work on them. With the last several releases of Fedora its gotten buggy in
this regard. I've have to resort to modifying the menu entries to open
various apps in a terminal window using (su -c "application-here) work
around to get a chance to switch to root privileges to do things. This is
really getting old. The prior releases seemed to work rather well with this
issue, not anymore. Don't other people running headless boxes using VNC
notice this?
Regards;
Leland C. Scott
KC8LDO
"There is only one boss. The customer.
And he can fire everybody in the
company from the chairman on down,
simply by spending his money somewhere
else."
-Sam Walton
----- Original Message -----
From: "Tim" <ignored_mailbox@xxxxxxxxxxxx>
To: "KC8LDO" <kc8ldo@xxxxxxxx>; "Community assistance, encouragement, and
advice for using Fedora." <fedora-list@xxxxxxxxxx>
Sent: Monday, December 14, 2009 10:56 PM
Subject: Re: F11 iptables can't disable
On Mon, 2009-12-14 at 10:01 -0500, KC8LDO wrote:
Yes I can use "service iptables stop" at the CLI but the firewall is
right back again with filtering when I reboot the machine.
Try reading the replying posts again.
"service iptables stop" will stop it now, and only now. Likewise with
using it to start or restart a service.
What happens when booting/changing run levels is controlled by something
else. The chkconfig command can control that, and list what levels the
service will be on or off at.
e.g. chkconfig --list iptables
chkconfig iptables off
chkconfig --list iptables
--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines