LinuxQuestions.org - Help! ipchain & iptables not working

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - Help! ipchain & iptables not working (https://www.linuxquestions.org/questions/linux-security-4/help-ipchain-and-iptables-not-working-7502/)

Help! ipchain & iptables not working

Hi guys
Fisrt post and a bit of a newbie so please bear with me.

I've Installed Redhat 7.1 chose 'medium' option for firewall. Setup samba and couldn't connect from win9x boxes but smbclient testing on server was all OK.
ipchains -F command and samba runs fully, well as I want it to :-)

at startup, ipchain -L gives
Chain input (policy ACCEPT):
target prot opt source destination ports
ACCEPT udp ------ BadBoy.AWLAN anywhere domain -> any
ACCEPT all ------ anywhere anywhere n/a
REJECT tcp -y---- anywhere anywhere any -> 0:1023
REJECT tcp -y---- anywhere anywhere any -> nfs
REJECT udp ------ anywhere anywhere any -> 0:1023
REJECT udp ------ anywhere anywhere any -> nfs
REJECT tcp -y---- anywhere anywhere any -> x11:6009
REJECT tcp -y---- anywhere anywhere any -> xfs
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):

and, iptables -L
/lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: init_module:
Device or resource busy
Hint: insmod errors can be caused by incorrect module parameters,
including invalid IO or IRQ parameters
/lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o failed
/lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod ip_tables failed
iptables v1.2.1a: can't initialize iptables `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded

OK so this is now all beyond me, module parameters ?
insmod ?
iptables or kernel upgrade ?
read what I could but it isn't making sense yet :-|

what have I done and how or what do I do to fix it so that I can set-up the firewall and start sharing the modem etc. ?

TIA
teddie

I had that problem once and I upgraded my kernel.

I know that RH 7.1 comes with 2.4.2 kernel if I'm not wrong.
Try a new kernel maybe 2.4.5 or higer.

In 2.4.5 kernel ipchains don't work but iptables is ok and you can setup yuor firewall.

Regards.

First of all you do not need to recompile your kernel in redhat 7.1 to use iptables by default on a normal install 7.1 will load ipchains and iptables the only thing is ipchains will over-rule iptables on boot because you can't run them both at the same time

shutdown ipchains by doing chkconfig --level 0123456 ipchains off
service ipchains stop

then do a chkconfig --level 235 iptables on

and reboot your system to remove the ipchains.o module and load the appropriate iptables module

then go here to read and learn about setting up your iptables to meet your needs.
http://www.linuxguruz.org/iptables/

I hope this helps

Thanks guys for the response,
from my further reading/searching I think I've got an idea of what's going on...... but It'll have to wait till the weekend for me to try it again....
thanks again

teddie