LinuxQuestions.org
Old 02-28-2003, 01:35 AM   #1
thetwin
Member
 
Registered: Feb 2003
Distribution: Linux RedHat 7.2
Posts: 47

Rep: Reputation: 15
closing services in RedHat 7.2


Greetings;

I am a relative newbie to Linux but thanks to this board and other Internet links I have finally achieved close to what I am looking to do. Basically I am using a custom install (no graphics or extras installed) of Redhat 7.2 as a firewall and am wondering how to close services. I have installed an Iptables script that is finally working (I think) and I need to close services and am unsure of how. In /etc/services there are quite a few lines and all are uncommented. Is this correct? Should I be commenting them out? Any help would be really appreciated.

Cheers
 
Old 02-28-2003, 07:17 AM   #2
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
No, the /etc/services file is a lookup file for a lot of programmes...

Services are controlled by the chkconfig command. Look at
man chkconfig
It works on the files in the /etc/rc.d/init.d/ directory and /etc/rc.d/rc~.d directories.

chkconfig --list will give you all the services recognised in the pc and which runlevels they are on/off for.
chkconfig --level 2345 service1 off
will turn 'service1' off in runlevels 234&5
service service1 stop will stop 'service1' if it is running.
netstat -anp will list what services are listening for connections and their names

ps -e will list their names and PID numbers to shut them down
kill -TERM pidnumber to stop them

Last edited by peter_robb; 02-28-2003 at 07:20 AM.
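
The audit step from the post above, as an added example that is not part of the original thread: it reads `chkconfig --list` output and prints every service still switched on in a given runlevel that is not on an allowlist. The function name, the allowlist and the sample output are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): find services left on in a runlevel.

# enabled_not_allowed LEVEL "svc1 svc2 ..."
# Reads `chkconfig --list` output on stdin and prints each service that is
# "on" in LEVEL and is not named in the allowlist.
enabled_not_allowed() {
    awk -v lvl="$1" -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        # SysV lines look like: name 0:off 1:off 2:on 3:on 4:on 5:on 6:off
        # The xinetd section ("telnet: off") has fewer fields and is skipped.
        NF >= 8 && $2 ~ /^0:/ {
            for (i = 2; i <= NF; i++)
                if ($i == lvl ":on" && !($1 in ok)) print $1
        }
    '
}

# Constructed sample of `chkconfig --list` output, so the example runs offline.
sample_list() {
    cat <<'EOF'
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
portmap         0:off   1:off   2:off   3:on    4:on    5:on    6:off
nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd based services:
        telnet: off
EOF
}

# Hypothetical allowlist for a firewall box; adjust to what the machine needs.
ALLOW="syslog network iptables crond sshd"

# On a real system: chkconfig --list | enabled_not_allowed 3 "$ALLOW"
sample_list | enabled_not_allowed 3 "$ALLOW"
```

Each name it prints is a candidate for the `chkconfig --level 2345 service1 off` and `service service1 stop` commands given above; `netstat -anp` then confirms nothing unexpected is still listening.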
 
Old 02-28-2003, 11:04 AM   #3
thetwin
Member
 
Registered: Feb 2003
Distribution: Linux RedHat 7.2
Posts: 47

Original Poster
Rep: Reputation: 15
Thanks Peter

I will look at what is running and close what I need to. Once done, do you know of a good site to check how secure your firewall is?

Cheers
 
Old 02-28-2003, 11:27 AM   #4
nakkaya
LQ Guru
 
Registered: Jan 2003
Location: Turkey&USA
Distribution: Emacs and linux is its device driver(Slackware,redhat)
Posts: 1,398

Rep: Reputation: 45
http://scan.sygate.com/
 
Old 02-28-2003, 01:10 PM   #5
thetwin
Member
 
Registered: Feb 2003
Distribution: Linux RedHat 7.2
Posts: 47

Original Poster
Rep: Reputation: 15
Thanks for the link... something else came up when running the commands Peter passed on. When I installed the iptables script I got from browsing this board, it replaced /etc/init.d/iptables. (I saved the original file as iptables1 just in case). When I look at /chkconfig --list it shows iptables1 as off on all levels and no listing for the new iptables file... I think I am supposed to create symlinks in rc~.d for the different levels I want this service to run on... is that correct?

Cheers
 
Old 02-28-2003, 01:42 PM   #6
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
Not always...
some scripts tag onto the end of rc.local or are called from rc.local
 
Old 02-28-2003, 02:27 PM   #7
thetwin
Member
 
Registered: Feb 2003
Distribution: Linux RedHat 7.2
Posts: 47

Original Poster
Rep: Reputation: 15
Ummm... is it better to create a rc.firewall script and have it load from rc.local? It seems that I may have made a mistake in overwriting the /etc/init.d/iptables file. I don't understand why the saved /etc/init.d/iptables1 file is showing up when I issue the command /chkconfig --list.

Cheers
 
Old 03-03-2003, 07:03 AM   #8
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
The files in /etc/rc.d/init.d/ are there to start/stop the services.

It isn't really acceptable to add your script info there, rather just a new file that starts before/after iptables is started.

Chkconfig works with these files to place links in the other rc~.d directories, which is the SysV style of managing services.
It looks for a header in the beginning of the file to know which link number to give the file, e.g.:

root@peter /usr/src# cat /etc/init.d/iptables
#!/bin/sh
#
# Startup script to implement /etc/sysconfig/iptables pre-defined rules.
#
# chkconfig: 2345 08 92

The 08 and 92 are the start number and kill number.
The files are started in number order inside the rc~.d directory and killed in reverse order.

People work with scripts in rc.local because it is in the boot sequence of every runlevel.

I personally prefer to make the rules by hand, 1 by 1, coz that's what my company does, make firewalls...

You may prefer to run a sample script from a tutorial and after running it, make changes until it works by hand, using the 'iptables' command, then doing 'service iptables save' to make a boot copy in /etc/sysconfig/iptables.
This gives you a datum to base rules on.
To stop /etc/sysconfig/iptables from loading, rename it.
To modify rules, do it with the iptables command, then when the changes work, do 'service iptables save' again...

Last edited by peter_robb; 03-03-2003 at 07:05 AM.
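
The header mechanism described in the post above, as an added example that is not part of the original thread: it reads the `# chkconfig:` line of an init script and prints the start (S) and kill (K) links that line asks for in each rc?.d directory. chkconfig only manages scripts that carry this header, so the example also reports a script that lacks one; the function names and the two sample scripts are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): what a "# chkconfig:" header expands to.

# chkconfig_links SCRIPT
# Prints one link per runlevel, or returns 1 if SCRIPT has no chkconfig header.
chkconfig_links() {
    name=$(basename "$1")
    hdr=$(sed -n 's/^#[[:space:]]*chkconfig:[[:space:]]*//p' "$1" | head -n 1)
    [ -n "$hdr" ] || return 1
    set -- $hdr    # now $1 = runlevels, $2 = start number, $3 = kill number
    for lvl in 0 1 2 3 4 5 6; do
        case "$1" in
            *"$lvl"*) echo "rc$lvl.d/S$2$name" ;;   # started in this runlevel
            *)        echo "rc$lvl.d/K$3$name" ;;   # killed in this runlevel
        esac
    done
}

# Constructed init.d directory: "iptables1" carries the header quoted in the
# post above, "iptables" stands for a replacement script with no header.
demo() {
    d=$(mktemp -d)
    printf '#!/bin/sh\n#\n# chkconfig: 2345 08 92\n# description: constructed sample\n' > "$d/iptables1"
    printf '#!/bin/sh\n# constructed replacement script, no chkconfig header\n' > "$d/iptables"
    for f in "$d/iptables" "$d/iptables1"; do
        chkconfig_links "$f" || echo "$(basename "$f"): no chkconfig header"
    done
    rm -rf "$d"
}

demo
```

For the header `2345 08 92` this gives S08 links in rc2.d through rc5.d and K92 links in rc0.d, rc1.d and rc6.d.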
 
  

