Re: [tlug] Ipchains/Iptables
- To: <tlug@example.com>
- Subject: Re: [tlug] Ipchains/Iptables
- From: "Scott McLennan" <scottmclennan@example.com>
- Date: Thu, 28 Mar 2002 03:43:06 +0900
- Organization: SoftDev
- Reply-to: "Scott McLennan" <scottmclennan@example.com>
Ah. Interesting. So it can't have 2 hey?! Terrific. The fog is clear out of my mind.
Thanks a lot, Scott numero dos.. ;-0)

{Oyasumi/bonsoir/wan an/Gutten nacht}

>
> > Hey Scott.
> > (what a great name! )
>
> Yes, I think so. :)
> >
> > That's good. Thanks a lot. When you run iptables, do you
> > need this thing called netfilter? Can you run iptables by
> > calling it from within /etc/rc.d/rc.local just as you do with
> > ipchains.
> >
> Ok, the only distro where I've dealt with both is RH. They can't be run
> together--both, in the default kernel are modules so first you'd do rmmod
> ipchains then insmod iptables. I usually, regardless of distro, download and
> install a new kernel quickly, and always put in netfilter--again, I'm in MS
> today, and rushed, so I don't have time to go and look--I ~think~ and hope
> someone can either confirm or correct, that netfilter is necessary for
> iptables.
>
> Now, if, on RH, you do that rmmod ipchains, insmod iptables, your default
> iptables just accepts everything.
>
> So, you might, using the default ipchains as a guide (by doing
> ipchains -L -v -n see what your current ipchains looks like-- then make an
> iptables script to duplicate it, changing input to INPUT the port number at
> the end to --dport and the port number and any -y (or is it --y) to --syn.
>
> Then, depending upon your degree of paranoia, disconnect the box from the
> network, do the rmmod and insmod mentioned above and run your script to make
> sure you haven't made any syntax errors. When done, it's
> iptables-save >/etc/sysconfig/iptables
>
> The above is for RH. In Slack you edit /etc/rc.M, placing the script in
> your default run level and in Gentoo you add it with rc-update--I think
> those are the only ones I've worked with.
> HTH
> Scott
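
The rule rewrite described in the quoted reply (lower-case chain to INPUT, bare port to --dport, -y to --syn), as an added example that is not part of the original message: a small sh function run over constructed sample rules with documentation addresses. The function name is hypothetical, and the DENY to DROP rename is not mentioned in the thread; it is included because iptables has no DENY target.

```shell
#!/bin/sh
# Added example, not code from the thread. Rewrites ONE ipchains command line
# into iptables syntax. Syntax only: options such as -i and -l, and the
# different path forwarded packets take in iptables, still need a manual review.
ipchains_to_iptables() {
    out="iptables"; state=first; portopt=""
    set -f                          # do not glob-expand words such as *
    for w in $1; do
        case "$state" in
        first) state=""; continue ;;                    # drop the word "ipchains"
        chain) state=""                                 # input -> INPUT
               out="$out $(printf '%s' "$w" | tr 'a-z' 'A-Z')"; continue ;;
        addr)  state=port; out="$out $w"; continue ;;   # address after -s / -d
        port)  state=""                                 # optional port after address
               case "$w" in
               [0-9a-z]*) out="$out $portopt $w"; continue ;;
               esac ;;
        esac
        case "$w" in
        -A|-I|-D|-P) state=chain ;;
        -s) state=addr; portopt=--sport ;;
        -d) state=addr; portopt=--dport ;;
        -y) w=--syn ;;
        DENY) w=DROP ;;             # target rename, not mentioned in the thread
        esac
        out="$out $w"
    done
    set +f
    printf '%s\n' "$out"
}

# Constructed sample rules (192.0.2.0/24 is a documentation range).
while IFS= read -r rule; do
    ipchains_to_iptables "$rule"
done <<'EOF'
ipchains -P input DENY
ipchains -A input -p tcp -s 0/0 -d 192.0.2.10 22 -y -j ACCEPT
ipchains -A input -p udp -s 192.0.2.53 53 -d 0/0 1024:65535 -j ACCEPT
EOF
```

Review the generated lines before loading them, then test and save them as the quoted reply describes.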