You will want to consult this doc, how to setup Iptables on a RedHat box. Rules are written to /etc/sysconfig/iptables. http://kbase.redhat.com/faq/docs/DOC-9017 Aaron -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of sunhux G Sent: Thursday, September 17, 2009 11:27 PM To: General Red Hat Linux discussion list Subject: Re: Exact syntax and examples for iptables Hi Aaron, iptables is not running as the previous sysadmin hardened the server. How do I turn it on? So I issue the two commands you gave on both cluster nodes & it will stop the Windows server from accessing on both nodes as well as the cluster virtual IP address? What's the command to reverse back, in case there's problem, I'll need to fallback Thanks U On Fri, Sep 18, 2009 at 10:35 AM, Aaron Bliss <abliss@xxxxxxxxxxxxx> wrote: > Assuming that you already have iptables running > > /sbin/iptables -I RH-Firewall-1-INPUT -s 10.5.5.25 -j DROP > /sbin/service iptables save > > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx [mailto: > redhat-list-bounces@xxxxxxxxxx] > On Behalf Of sunhux G > Sent: Thursday, September 17, 2009 10:30 PM > To: General Red Hat Linux discussion list > Subject: Exact syntax and examples for iptables > > Hi, > > I have a RHEL 5.1 cluster that's constantly being accessed by > application from a Windows server application via sqlnet (ie Tcp > port 1521) which caused a specific Oracle accounts to be locked. > > Thus I would like to set up iptables / firewall on this Linux box to > stop the sqlnet access. Can someone provide me some example > commands / syntax ? > > Source IP address : 10.5.5.25 (Windows server) > Tcp port : 1521 > My Linux boxes IP address : 10.5.5.46 / .47 > My Linux cluster virtual addr : 10.5.5.45 > > In fact I would like to block on all ports on the Linux cluster to stop > this Windows server from accessing it. So what's the exact commands > I should issue on each of the Linux box? Would iptables also block > the Windows server from accessing the cluster virtual IP addr? > > > Thanks > U > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
