HI Guys,

I am preparing for my rhce exam and its going to happen next week. I want to know whether i can flush the iptables and stop the iptables permenantly before starting my rhct section . My tutor told to stop the iptables permenantly on runlevel 3,5 and start the exam. My doubt is that if i stop the iptables there are many section in the rhce sections like pop3 where we have to enter iptable rules and save it. So my confusion is that whether i should stop or start the iptables at the end of the exam. Please help me...Thanks in advance...

You need to achieve the tasks required of you. If you are happy that you can pass the test, when executed from the remote testing station, then however you achieve it is fine. That sounds really vague, but there are so many ways to do things in the exam, e.g. iptables vs. tcpwrappers that you can do whatever you feel like if it gives the right result.

Since this is a test I can't tell you the answer but would like to suggest you think about:
1) What command determines which run levels services are started in?
2) What command stops iptables?

For your RHCE how would you reverse those actions? It should be fairly obvious.

Personally I prefer using iptables, as you can generically effect the usage of a lot of different services from a single place. You should do what you prefer.

Right - he was saying instructor told him to turn it off for RHCT for run levels 3 and 5. I was hinting that may be the "end state" instructor is looking for in RHCT and it doesn't preclude restarting things for the RHCE.

If he doesn't know the answers to the two questions I asked my guess is he isn't going to pass the RHCT so won't need to worry about the RHCE.

I have few more dowbt.

1) I will be using both tcp/wrappers and iptables for the rhce section

2) Will i fail the exam if i permenetaly disable the iptables.

3) Will the examiner check only the rules save in the iptables or will they check whether iptables service is on at the end of the exam.

Thanks for all the reply.....

You will be required to put your system in an end state base on the test. If that end state says "have iptables set so as to block port 8000" then obviously you would fail if you didn't have iptables on.

iptables is one of the key security tools used in RHEL so you should plan on being able to stop, start and modify it. tcp wrappers is also discussed in training so it seems likely it would be important to know how to use it as well.

No one is going to tell you what end state is required as it is prohibited by RedHat to do so.

You seem to be *TOTALLY* missing the point of how the exam works. If you're intent of fine tuning what you can and can't get away with, then why even bother doing it??

I don't like the questions you're asking, or rather, the way you're asking them, I can answer them though.

1) Well, no I can't answer that, as it's not a question. I can say "Oh." though if you want a response.

2) Not if you can achieve the requirements without it.

3) No. Testing is done from a remote machine which poses as both a good and bad client, trying to achieve things.