Dear all ,

i am running redhat 9 , i am facing some problms with NFS with other
computers on the same lan .

i thik it is a firewall problem

i used (( iptables -L )) to check my firewall settig and it give me
that no rules are applied

but when i use the command redhat-config-securitylevel
it gave me that my secuirty level is high

i really don't know which of them to trust , what i know is that whn i use
redhat-config-securitylevel it should be shown in the iptables -L output

can anyone tell me how i can be sure from my firewall settings !!!!

thanks

What did the iptables -L command say about the policies set for the chains?
Setting no rules and a DROP policy would be the absolute security, since it won't let anything through.

Try
# iptables -L -n -v --line-numbers
Look at the file
cat /etc/sysconfig/iptables
It should contain all of the rules currently in force.
Consider turning off redhats firewall, then create your own
using the /sbin/iptables command. It takes a little bit of reading
to figure it all out but then you know what you're working with.

yes i want to turn off the redhat firewall

is there a command i can use to turn off the redhats firewall or i must use the graphical tools

thanks

I don't know what scripts the graphical firewall program causes to be run when you boot up. So I'd go into the GUI and turn it off, then you will never have to deal with it anymore. See my previous post and look at the /etc/sysconfig/iptables file, that file should contain the firewall rules to be applied when you boot up. The file is created by saving the iptables, there is an option to /sbin/iptables to do that. I believe the graphical tools writes to that file and when you disable the redhat firewall the only rules that are left will be the rules to accept all incoming and outgoing packets.

If you get discouraged trying to figure out iptables, you might want to consider using a GUI called guarddog (do a search to obtain it if you want it) which makes setting firewall parameters very easy. Guarddog requires a certain amount of KDE stuff to be installed, but apart from that it should be a snap to install and use.

Guarddog and any other gui based firewall generators are a pain. They have limited functunality. No one could possibly design tools like that with the whole world in mind. So it just gives you a small set of "basic" options. At least I've never found a gui-firewall to meet my needs.

I think its much better to use a very extensive script or just learn iptables.

Well, it kinda comes down to the age-old question of how much time a user is able or willing to devote to learning such things. I spend too much time at the computer already! For my simple needs (browsing, email, and website administration), Guarddog is a godsend. I don't need anything beyond basics.