Re: Firewall

[Nigel Wade <nmw ion le ac uk>]

On Thursday 15 Aug 2002 9:07 pm, Rick Stevens wrote:
> Steve Wright wrote:
> > I am trying to turn my firewall off to work out some of the bugs in my
> > system. I use the setup command to shut it down, then I reboot. After
> > rebooting, the firewall is set up to HIGH level again.
> > Can any one tell me why?
>
> Because the network start scripts look for the /etc/sysconfig/iptables
> file.  If it's found, then the firewall is started.  Turning off the
> firewall via setup does just that--turns it off FOR THIS BOOT.  It
> doesn't change the configuration of your system.

I thought that the RH default firewall used ipchains? Mine does anyway.

>
> To keep the firewall off while you tinker, as root go into the
> /etc/sysconfig directory and look for files called either "ipchains"
> or "iptables".  Rename them to something like "x-ipchains" or
> "x-iptables":

>
> 	mv ipchains x-ipchains
> 	mv iptables x-iptables
>
> That should prevent them from being used on the next boot.  When
> you're done futzing around, change the names back to the originals
> (get rid of the "x-") and the firewall will start up on the next
> boot.


You shouldn't need to mess with the files if you just want to turn off/disable 
the firewall.

Run 'chkconfig ipchains off' to prevent the firewall from starting. You might 
need to do 'chkconfig --level 2 ipchains off' because, for some reason, the 
default doesn't affect level 2. To disable a running firewall run 'service 
ipchains off'.

To turn the firewall back on again run 'chkconfig ipchains on' and 'service 
ipchains start'.

If your firewall is using iptables rather than ipchains, substitute iptables 
for ipchains in the above commands.

-- 
Nigel Wade, System Administrator, Space Plasma Physics Group,
            University of Leicester, Leicester, LE1 7RH, UK 
E-mail :    nmw ion le ac uk 
Phone :     +44 (0)116 2523568, Fax : +44 (0)116 2523555