
Re: F11 iptables can't disable

Date: Tue, 15 Dec 2009 17:23:47 -0800
From: Rick Stevens <ricks nerd com>
Subject: Re: F11 iptables can't disable

"chkconfig iptables off" will only block iptables from starting
whenever you enter the run level you're _currently_ in.  For example,
if you're in the GUI (run level 5) and you run that command, iptables
will be off ONLY in run level 5.  It'll still start in run level 3 (the
normal one for non-GUI stuff).

If you're changing runlevels and want iptables off in them, the correct
command is:

chkconfig --level <list-of-levels> iptables off

E.g. to prevent it from running in run levels 3 and 5:

chkconfig --level 35 iptables off

To disable it completely:

chkconfig --level 12345 iptables off

To enable it in run levels 1, 2 and 5, but not in 3 or 4:

chkconfig --level 12345 iptables on
chkconfig --level 34 iptables off

You get the idea.

Yes I do. If you will look at the GUI tool under Gnome you'll find there is no option for run level 1. Under the "Customize" menu option only run levels 2 through 5 are listed. I know it's a single user run level but you would figure the option should be there. Any reason why it's not? I can see where somebody may want to use the GUI to do something then dump out of it and switch to runlevel 1 at the CL.

So you're saying if it's enabled in any run level, then of course it will show it as active. Well let me do some more checking and reading on firewalls.


Leland C. Scott
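
Added example, not part of either poster's message: a small check that reads one line of `chkconfig --list iptables` output and reports every run level where the firewall's start-up state differs from what was intended. The sample line is constructed to match the "on in 1, 2 and 5, off in 3 and 4" commands quoted above; the function names are made up for this example.

```shell
#!/bin/sh
# Constructed sample: what `chkconfig --list iptables` would print after
#   chkconfig --level 12345 iptables on
#   chkconfig --level 34 iptables off
SAMPLE_LINE='iptables       	0:off	1:on	2:on	3:off	4:off	5:on	6:off'

# levels_on LINE
# Prints the run levels marked "on" as one string, e.g. "125".
levels_on() {
    printf '%s\n' "$1" | awk '{
        out = ""
        for (i = 2; i <= NF; i++) {          # field 1 is the service name
            n = split($i, kv, ":")           # each field looks like "3:off"
            if (n == 2 && kv[2] == "on") out = out kv[1]
        }
        print out
    }'
}

# check_levels LINE WANT
# WANT is the list of run levels the service should be on in ("" = none).
# Prints one line per mismatching run level; returns 0 only on an exact match.
check_levels() {
    have=$(levels_on "$1")
    want=$2
    rc=0
    for lvl in 0 1 2 3 4 5 6; do
        case $have in *"$lvl"*) h=on ;; *) h=off ;; esac
        case $want in *"$lvl"*) w=on ;; *) w=off ;; esac
        if [ "$h" != "$w" ]; then
            echo "runlevel $lvl: is $h, expected $w"
            rc=1
        fi
    done
    return $rc
}

# On a live system, pass the real output instead of the sample, e.g.
#   check_levels "$(chkconfig --list iptables)" ""    # expect: off everywhere
check_levels "$SAMPLE_LINE" "125" && echo "iptables start-up matches the intended levels"
```

This only inspects the start-up configuration; whether rules are loaded right now is a separate question that `service iptables status` answers.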