iptables start doesn't work in slack 9

phishintrip · 06-22-2003, 11:41 PM

in my red hat book i stole from the office it says that after you set all your iptables rules you have to restart it. You supposedly do this by typing "iptables start" however, with slack 9 i get a "Bad argument 'start'" is this not a command in slack 9 what's the deal here. i think that if that is not a standard for slack9 then it is lacking for real.

phishintrip · 06-23-2003, 11:36 AM

basically don't buy red hat 8 for dummies. I have already found like 3 other syntax errors (which are slightly important to linux) while setting up my firewall and script. What the hell is "iptables start". That command doesn't work in red hat either. in fact it is not even a command. I am guessing here that your rules are implemented as you enter them and iptables is always running. I don't mean to dog red hat here just the for dummies book, although, while i am on the subject of red hat and since everyone here is just viewing this post and noone responding, Why do i not have pico?, Why do i not have lynx? Those should definitely be standard in any linux install.

uheilaaa · 06-25-2003, 04:48 AM

On redhat you can use something like:
"service iptables start"
or
"/etc/init.d/iptables start"
or
"/etc/rc.d/init.d/iptables start"

where 'service' is just a wrapper for the RH init.d scripts.

On Slack you can port and "translate" the RH script or write your own.

Try if this works for you.
----------------
IPTABLES_CONFIG=<PATH>/<TO>/<YOUR_IPTABLES_CONFIG_FILE>
chains=`cat /proc/net/ip_tables_names 2>/dev/null`
# flush rules
for i in $chains; do iptables -t $i -F; done
iptables -F
# clear rules
for i in $chains; do iptables -t $i -X; done
iptables -X
# zero counters
for i in $chains; do iptables -t $i -Z; done
# reload and apply rules
grep -v "^[[:space:]]*#" $IPTABLES_CONFIG | grep -v '^[[:space:]]*$' | /sbin/iptables-restore -c
----------------

Look at RH9.0 iptables init.d script for details.

"man iptables" and "iptables --help" work on every distro ;-)

Lynx should be replaced by links (which supports html table).
w3m is the best one (at least for me), tables work fine and javascript support is under development.

The 'pine' package (which owns pico) has a non-free license, some distros don't like this (e.g. debian).

Regards

spurious · 06-25-2003, 06:57 AM

Red Hat has that convenient 'service iptables restart' command that calls the iptables script under /etc/init.d/iptables. However, Slackware uses a different style of init scripts.

Under Slackware, It's probably easier just to have an 'iptables.sh' script that you would call from /etc/rc.d/rc.local to start iptables. When you need to restart iptables, you would do /sbin/iptables -F to flush your existing iptables rules, then run your iptables.sh script.

If you want, I can post a simple iptables script for a homeLAN internet gateway.

IPTABLES REFERENCES
Netfilter iptables home -- http://www.netfilter.org/
Frozen Tux iptables tutorial -- http://iptables-tutorial.frozentux.net/
IP masquerade HOWTO -- http://tldp.org/HOWTO/IP-Masquerade-HOWTO/index.html

SAMPLE SCRIPTS
Arno's hardened iptables script -- http://freshmeat.net/projects/iptabl.../?topic_id=151
Jay'shomeLAN iptables -- http://firewall-jay.sourceforge.net/

phishintrip · 06-25-2003, 01:15 PM

yeah the word service is missing from the red hat for dummies book. Not that that was important in making it work, i mean linux doesn't care about the syntax so why should the writers of red hat 8 for dummies, right?
They are fukkin idiots. of course i didn't realize this little syntax error in the book until today when i was talking to the unix admin at school. As for slack9, now that i know all this i think i can write my own script that will do it for me.
This linux sh|t is just way 2 cool !!!!!!