Please help ! Re-install of ipchains

[samuelee]

Dear all,

After I've added ipchains rules via linuxconf, there was an error message prompted and the process terminated. Then I found that all the ports of my machine were blocked. Therefore, I've tried to reset it by using lokkit. Even thought the ipchains setting in /etc/sysconfig/ipchains was correct, the problem could not be fixed.
Eventually, I decided to re-install the ipchains again but in vain.
Would you ming telling me how to re-install ipchains and solve this problem ?

Thanks a lot !

My environment :
Linux 7.2
ipchain-1.3.10-10 (I've tried to upgrade to ipchain-1.3.10-16 )

 

[pupu]

I don't think that your /etc/sysconfig/ipchains is correct when it doesn't work. Try to rename it and then type '/etc/init.d/ipchains restart'. That will reset your ipchains rules to an empty set. And I suggest to forget linuxconf. I had very bad experience with it in different areas.

 

[timsr]

Use ipchains -F to flush all the rules. If ypu want a down and dirty script to set up all of the rules, check out pmfirewall. I don't remeber the url, but a search should find it.

 

[pupu]

That's not enough. You also have to set default rules or you may end up with inaccessible server.

 

[samuelee]

Thankyou for your help !
Because my system is running Linux 7.2, is it necessary to disable iptables before installing pmfirewall ?
What are the steps to disable iptables ?

 

[samuelee]

From the readme document of pmfirewall-1.1.4, it cliams that it supports RehHat 6.x, does it support RedHat7.2 ?
IS there any adjustments for me to migrate from Linuxconf to pmfirewall?
Please kindly give your advices !

Thanks a lot !

 

[PcLinuxGuru]

Your IPchains and IPTables are probably bumping into each other. I have never seen or heard of a machine using both.

In ref to:
Because my system is running Linux 7.2, is it necessary to disable iptables before installing pmfirewall

and

My environment :
Linux 7.2
ipchain-1.3.10-10 (I've tried to upgrade to ipchain-1.3.10-16 )

Try using only one of them

 

[samuelee]

Thanks for your advices.
In your point of view, which one (ipchains/iptables) is better and suit for my case ?

 

[pupu]

Iptables is new system, which replaces older ipchains. I don't know about feature that ipchains have and iptables doesn't. The only drawback is that some tools cooperate only with ipchains. I suggest iptables.

 

[tarn]

Ok to disable anything that is started from /etc/rc.d/init.d on Red Hat you can use "chkconfig" see: man chkconfig.


Briefly:

chkconfig --list # Lists the processes and their status
chkconfig --list ipchains # Shows info for ipchains
chkconfig --add <process> # will add a process into the list
chkconfig --level 12345 ipchains on # Turns ipchains on for runlevel 1234&5
chkconfig --level 12345 ipchains off # Guess what!

iptables are probably your best option but ipchains will probably do all you need!

On Red Hat, to re-install a package use the .rpm and do rpm -Uvh <Path/or/url/http:/to/name_of_.rpm..

Good Luck
Laurie.