Thanks All/Raj. OK, I missed something, so the following works:
# chkconfig iptables on
# /sbin/iptables -I RH-Firewall-1-INPUT -s 10.5.5.25 -j DROP
# /sbin/service iptables save <== this will create /etc/sysconfig/iptables
# service iptables restart
Thanks
On Fri, Sep 18, 2009 at 6:46 PM, Rajveer Singh <torajveersingh@xxxxxxxxx> wrote:
Dear sunHux,

iptables stores rules in the /etc/sysconfig/iptables file by default. So if you don't have any rules in this file and try to start the iptables service using "service iptables start", you will see the output of "service iptables status" as "Firewall is stopped". So it's not any issue and you can put in any iptables rules.

Re,
Raj

On Fri, Sep 18, 2009 at 4:05 PM, sunhux G <sunhux@xxxxxxxxx> wrote:
I can't even start up iptables as the previous admin hardened it (but not sure how / where he hardened it). So despite that I do "service iptables start", "service iptables status" still shows "Firewall is stopped".

Now, can I use /etc/hosts.deny instead? Do I need to do "pkill -HUP tcpd" or "service xinetd restart" - which of the two commands should I execute, and what's the syntax in /etc/hosts.deny?

Thanks

On Fri, Sep 18, 2009 at 11:38 AM, Ian Hayes <cthulhucalling@xxxxxxxxx> wrote:
[root@cthulhu ~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 DROP all -- 10.5.5.5 anywhere
2 DROP all -- 10.5.5.6 anywhere
3 DROP all -- 10.5.5.7 anywhere
Find the rule number that matches the one you want to delete. Say you want to delete #2 from the INPUT table:
[root@cthulhu ~]# iptables -D INPUT 2
[root@cthulhu ~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 DROP all -- 10.5.5.5 anywhere
2 DROP all -- 10.5.5.7 anywhere
Or you can do iptables -F which will basically drop all your iptables. Make sure you've saved recently before you do that.
On Thu, Sep 17, 2009 at 8:22 PM, sunhux G <sunhux@xxxxxxxxx> wrote:
Thanks Ian.

So I issue this command on both cluster nodes and it will also stop access to the virtual cluster address?

What's the command to reverse / remove "iptables -A INPUT -s 10.5.5.25 -j DROP"? Just in case there's a problem, I'll need to reverse it.

Tks
U

On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes <cthulhucalling@xxxxxxxxx> wrote:
iptables -A INPUT -s 10.5.5.25 -j DROP
On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux@xxxxxxxxx> wrote:

Hi,

I have a RHEL 5.1 cluster that's constantly being accessed by an application from a Windows server application via sqlnet (ie TCP port 1521), which caused a specific Oracle account to be locked. The owner of the Windows box does not know why the Filenet application is doing this, so while she's doing the research on which configuration in Filenet needs to be fixed to stop this, we need an interim measure to block this Windows server's access to the cluster.

Thus I would like to set up iptables / firewall on this Linux box to stop the sqlnet access. Can someone provide me some example commands / syntax?

Source IP address : 10.5.5.25 (Windows server)
TCP port : 1521
My Linux boxes IP address : 10.5.5.46 / .47
My Linux cluster virtual addr : 10.5.5.45

In fact I would like to block on all ports on the Linux cluster to stop this Windows server from accessing it. So what are the exact commands I should issue on each of the Linux boxes? Would iptables also block the Windows server from accessing the cluster virtual IP addr?

Thanks
U
Linux-cluster mailing list
Linux-cluster@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/linux-cluster
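The sequence the thread settles on (insert a DROP for the source host, list the chain with --line-numbers, delete the rule by its number), as an added shell example that is not part of the original thread. It prints the iptables commands instead of executing them, so it runs without root and without a live firewall; the listing it parses is constructed to mirror Ian's output above, and the chain name, addresses and port are the ones the thread uses. The port-specific variant of the rule is an extension the thread mentions but never spells out.

```shell
#!/bin/sh
# Added example, not code from the Linux-cluster thread. Prints the iptables
# commands rather than running them; set DO_IPTABLES=1 to apply them for real
# (as root). The listing below is constructed to match the format of
# "iptables -L --line-numbers" as shown in the thread.

SAMPLE_LISTING='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  10.5.5.5             anywhere
2    DROP       all  --  10.5.5.6             anywhere
3    DROP       all  --  10.5.5.7             anywhere'

# Build the command that blocks a source host. With a port, only that TCP port
# is dropped; without one, everything from the host is dropped.
# On RHEL 5 the stock chain RH-Firewall-1-INPUT ends in a REJECT-all rule, so
# the rule is inserted at the top (-I); appended with -A it would sit after
# the REJECT and never match.
block_cmd() {
    chain=$1; src=$2; port=${3:-}
    if [ -n "$port" ]; then
        printf 'iptables -I %s -s %s -p tcp --dport %s -j DROP\n' "$chain" "$src" "$port"
    else
        printf 'iptables -I %s -s %s -j DROP\n' "$chain" "$src"
    fi
}

# Find the rule number of the DROP rule for a source address in a
# "--line-numbers" listing. Prints nothing if there is no such rule.
# Fields: num target prot opt source destination.
find_rule_num() {
    listing=$1; src=$2
    printf '%s\n' "$listing" | awk -v src="$src" '
        $1 ~ /^[0-9]+$/ && $2 == "DROP" && $5 == src { print $1; exit }'
}

# Build the delete command for that rule; fail if the rule is not present.
# Rule numbers shift after every delete, so re-list before deleting another.
delete_cmd() {
    chain=$1; listing=$2; src=$3
    n=$(find_rule_num "$listing" "$src")
    [ -n "$n" ] || { echo "no DROP rule for $src in chain $chain" >&2; return 1; }
    printf 'iptables -D %s %s\n' "$chain" "$n"
}

# Demonstration with the constructed listing (prints commands only).
echo "# block the Windows server on every port:"
block_cmd RH-Firewall-1-INPUT 10.5.5.25
echo "# or only sqlnet:"
block_cmd RH-Firewall-1-INPUT 10.5.5.25 1521
echo "# undo Ian's rule #2 from the sample listing:"
delete_cmd INPUT "$SAMPLE_LISTING" 10.5.5.6

if [ "${DO_IPTABLES:-0}" = 1 ]; then
    # Live mode: apply the block, show the chain, and persist across restarts.
    sh -c "$(block_cmd RH-Firewall-1-INPUT 10.5.5.25)"
    iptables -L RH-Firewall-1-INPUT --line-numbers
    service iptables save
fi
```

Two points worth keeping in mind when running this on the cluster. List the chain the rule actually lives in (`iptables -L RH-Firewall-1-INPUT --line-numbers`): on RHEL 5 the INPUT chain only jumps to RH-Firewall-1-INPUT, so listing INPUT will not show the rule. And on the virtual-address question from the thread: the VIP is just another address on whichever node currently holds it, so a source-based DROP in the input path on both nodes also blocks traffic from 10.5.5.25 to 10.5.5.45; nothing extra is needed for the VIP.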