LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-26-2003, 03:44 AM   #1
mrbuzz
LQ Newbie
 
Registered: Feb 2003
Posts: 4

Rep: Reputation: 0
RH 8: Which one? Ipchains or IpTables


I installed RH 8 onto my system tonight and am trying to get IP masquerading implemented to allow for other workstations on my network access to the Internet.

From my understanding Red Hat 8 does not use IpChains by default.
Upon looking at my system services, BOTH are enabled for my runlevel of 5.

Which is being used by default? Is one overriding the other?
Should I turn off IpChains?

Looking at the contents of IpTables, there is some sort of Red Hat specific script commands prefaced with RH-Lokkit in it. This looks very non-standard and I am wondering what the hell this crap is!

Will I be able to use regular IPTable commands?

Thanks!

Last edited by mrbuzz; 02-26-2003 at 03:45 AM.
 
Old 02-26-2003, 04:30 AM   #2
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
You can only have one of them running!

type...
chkconfig --level 2345 ipchains off
service ipchains stop
rpm -e ipchains

The Lokkit prog has a few bugs (I'm being mild here)

A better interface is Firestarter.
An iptables tutorial is at http://iptables-tutorial.frozentux.n...-tutorial.html where you can learn what each of the command does.
 
Old 02-26-2003, 05:05 AM   #3
mrbuzz
LQ Newbie
 
Registered: Feb 2003
Posts: 4

Original Poster
Rep: Reputation: 0
That's what I thought Peter

By default on a new installation on Red Hat 8, IPChains AND IPTables are both running. This is a bug and I can't believe that since Red Hat decided to use IPTables, they didnt disable the damn IPChains service.

The scary part is, which one was actually running in precedence! I hesitate to say that this may be part of the problem of trying to get ip masquerading working on my end.

Yes, I think Lokkit SUCKS and is more like a wizard with limited use. The garbage it generates in iptable is useless

The really stupid bug I found in the Red Hat security level settings is the one that fails to retain the current setting of the firewall (lo, medium, hi). Geez, I can't believe RedHat let this one slip by. I mean this is what I pay Red Hat for isn't it? To come up with a nice installer, test out the applications and actually charge me for this!

Awful. Just awful.

Last edited by mrbuzz; 02-26-2003 at 05:22 AM.
 
Old 02-26-2003, 05:15 AM   #4
mrbuzz
LQ Newbie
 
Registered: Feb 2003
Posts: 4

Original Poster
Rep: Reputation: 0
The system security level application and Lokkit appear to accomplish the same thing - update the iptables file.

The no firewall setting deletes the iptables file
The low firewall and high firewall setting creates the iptables file with different levels of support.

Looking at Firestarter web page... looks nice.. thanks

Last edited by mrbuzz; 02-26-2003 at 05:25 AM.
 
Old 03-03-2003, 03:56 PM   #5
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
Just to even the playing field,
iptables won't load if there are any ipchains modules in memory.
ipchains won't load if there isn't a config file to read,

So to be fair, RH did cover themselves, but what a way to find out about it, eh?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
An error occured getting IPtables status from the command /etc/rc.d/init.d/iptables s CrazyMAzeY Linux - Newbie 10 08-12-2010 05:25 AM
Iptables - Couldn't load target `ACCPET':/lib/iptables/libipt_ACCPET.so: z00t Linux - Security 3 01-26-2004 02:24 AM
IPtables Log Analyzer from http://www.gege.org/iptables/ brainlego Linux - Software 0 08-11-2003 06:08 AM
iptables book wich one can you pll recomment to be an iptables expert? linuxownt Linux - General 2 06-26-2003 04:38 PM
My iptables script is /etc/sysconfig/iptables. How do i make this baby execute on boo ForumKid Linux - General 3 01-22-2002 07:36 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:28 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration