iptables and RedHat 8

C8H10N4O2 · 05-12-2003, 04:16 PM

I'm running RedHat 8.0. I scanned my system with nmap and I found a few open ports (only 3 which surprised me). Obviously I wanted them closed, but it seems “iptables” is not a valid command. I thought that maybe it wasn't installed, so I found an RPM package for it and gave that a try, but it told me it was already installed.

Then I entered “/sbin/iptables” and I got the error message.

iptables v1.2.6a: no command specified
Try `iptables -h' or 'iptables --help' for more information.

I tried to close the port by typing “/sbin/iptables -A INPUT -p tcp --dport <port number> -j REJECT

I received no feedback, but no error messages either so I thought it may have worked. But then another nmap scan showed the port still open.

I'm very much a newbie to this, can anybody suggest what I might be doing wrong? Thank you.

jetblackz · 05-12-2003, 05:15 PM

Find out where it is:

whereis iptables

or

find / -name iptables*

C8H10N4O2 · 05-12-2003, 05:19 PM

whereis iptables returned...

iptables: /sbin/iptables /lib/iptables /usr/share/man/man8/iptables.8.gz

jetblackz · 05-13-2003, 02:32 PM

No response is the right response. Did you try iptables --help?

I think it took your parameters. Do

iptables -xnvL

nakkaya · 05-13-2003, 08:42 PM

http://firestarter.sourceforge.net/

download it it is a iptables wrapper easy to use and effective

C8H10N4O2 · 05-14-2003, 08:48 AM

Yeah I tried the help, any command beginning in "iptables" simply complains that it's unknown command.

I'll give that wrapper a try as soon as I get back home. Thanks.

jetblackz · 05-14-2003, 12:07 PM

Then iptables is either not installed or not in path.

find / -name iptables*

If nothing turns up, reinstall it through Control Center as root.

Crashed_Again · 05-14-2003, 12:16 PM

Well you have to be root to use iptables and they must be in your path:

echo $PATH

If you don't see /sbin then its not in your path. Try specifying the whole path to the command:

/sbin/iptables -L

C8H10N4O2 · 05-14-2003, 03:08 PM

Yeah it works when I use the whole path (as I did above when trying to close the ports) just not alone, and the help files tell me to do exactly what I did, which didn't work. Anyway I'm about to give that wrapper a try now. I'll edit this post and say how it went.

Well it doesn't work really, the ports are still open. I give up though, I was able to configure it perfectly easily on my main partition (Vector Linux). RedHat is just installed on spare space that I use for trying every distro I can get my hands on anyway. I'm somewhat of a Linux whore.

gruger · 05-22-2003, 05:10 PM

Just try

iptables -A INPUT -p tcp --dport [open port] -j REJECT

This shut work also

iptables -A INPUT -p tcp --dport [open port] -j DROP