[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: F11 iptables can't disable



Tim;

I understand that.

When I ask to stop a service it should stop, period. I shouldn't see the GUI telling me its still running. Doing this for ip6tables it works as expected. You stop it, it stops and the GUI says so. Disable it, its disabled, and the GUI shows that too. And it stays disabled and not running when you reboot the machine.

Now do that with iptables. First it won't stop. Then I tried the CLI route, which totally flushed out any rules. The service was disabled through the GUI too. Rebooting the machine the service is shown as disable but running, duh! Using the CLI I see a bunch of rules are loaded, again, @#$%! This should not happen. If I configured a service to be disabled it should stay that way, and not run, after a reboot.

Clicking on the "Customize" menu item, in the Service Configuration GUI tool, only run levels 2 though 5 are listed and all show the service as disabled for those run levels. That's for both ip6tables and iptables.

So why does ip6tables work differently from iptables? In my mind they should configure and work the same way from the administrator's point of view.

If it makes a difference, and I found with getting a pop-up dialog box asking for root's password, it makes a difference if I'm at a directly connected console or accessing the box using VNC, which is how I normally work on them. With the last several releases of Fedora its gotten buggy in this regard. I've have to resort to modifying the menu entries to open various apps in a terminal window using (su -c "application-here) work around to get a chance to switch to root privileges to do things. This is really getting old. The prior releases seemed to work rather well with this issue, not anymore. Don't other people running headless boxes using VNC notice this?

Regards;

Leland C. Scott
KC8LDO

"There is only one boss. The customer.
And he can fire everybody in the
company from the chairman on down,
simply by spending his money somewhere
else."

-Sam Walton

----- Original Message ----- From: "Tim" <ignored_mailbox yahoo com au> To: "KC8LDO" <kc8ldo arrl net>; "Community assistance, encouragement, and advice for using Fedora." <fedora-list redhat com>
Sent: Monday, December 14, 2009 10:56 PM
Subject: Re: F11 iptables can't disable


On Mon, 2009-12-14 at 10:01 -0500, KC8LDO wrote:
Yes I can use "service iptables stop" at the CLI but the firewall is
right back again with filtering when I reboot the machine.

Try reading the replying posts again.

"service iptables stop" will stop it now, and only now.  Likewise with
using it to start or restart a service.

What happens when booting/changing run levels is controlled by something
else.  The chkconfig command can control that, and list what levels the
service will be on or off at.

e.g. chkconfig --list iptables
    chkconfig iptables off
    chkconfig --list iptables

--
[tim localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]