I can't even start it up as the previous admin hardened it (but not
sure how / where he hardened it).

So despite that I do "service iptables start", "service iptables status"
still shows "Firewall is stopped".

Now, can I use /etc/hosts.deny instead? Do I need to do
"pkill -HUP tcpd" or "service xinetd restart" - which of the two commands
should I execute?

Thanks

On Fri, Sep 18, 2009 at 4:59 PM, Ahmed Sharif <ahmed.sharif.bd@xxxxxxxxx> wrote:

> To start IPtables use:
> #service iptables start
>
> To stop iptables use:
> #service iptables stop
>
> Now after inserting the rules if you want to revert back, you need to
> delete the rules using -D option of iptables command.
>
> For example the following command will delete rule number 1 from INPUT
> chain.
>
> #iptables -D INPUT 1
>
> Regards,
>
> Ahmed Sharif
>
> On Fri, Sep 18, 2009 at 10:44 AM, Aaron Bliss <abliss@xxxxxxxxxxxxx> wrote:
>
> > You will want to consult this doc, how to setup Iptables on a RedHat box.
> > Rules are written to /etc/sysconfig/iptables.
> >
> > http://kbase.redhat.com/faq/docs/DOC-9017
> >
> > Aaron
> >
> > -----Original Message-----
> > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx]
> > On Behalf Of sunhux G
> > Sent: Thursday, September 17, 2009 11:27 PM
> > To: General Red Hat Linux discussion list
> > Subject: Re: Exact syntax and examples for iptables
> >
> > Hi Aaron,
> >
> > iptables is not running as the previous sysadmin hardened the server.
> >
> > How do I turn it on?
> >
> > So I issue the two commands you gave on both cluster nodes & it will
> > stop the Windows server from accessing on both nodes as well as the
> > cluster virtual IP address?
> >
> > What's the command to reverse back, in case there's a problem, I'll
> > need to fall back
> >
> > Thanks
> > U
> >
> > On Fri, Sep 18, 2009 at 10:35 AM, Aaron Bliss <abliss@xxxxxxxxxxxxx> wrote:
> >
> > > Assuming that you already have iptables running
> > >
> > > /sbin/iptables -I RH-Firewall-1-INPUT -s 10.5.5.25 -j DROP
> > > /sbin/service iptables save
> > >
> > > -----Original Message-----
> > > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx]
> > > On Behalf Of sunhux G
> > > Sent: Thursday, September 17, 2009 10:30 PM
> > > To: General Red Hat Linux discussion list
> > > Subject: Exact syntax and examples for iptables
> > >
> > > Hi,
> > >
> > > I have a RHEL 5.1 cluster that's constantly being accessed by
> > > application from a Windows server application via sqlnet (ie Tcp
> > > port 1521) which caused a specific Oracle accounts to be locked.
> > >
> > > Thus I would like to set up iptables / firewall on this Linux box to
> > > stop the sqlnet access. Can someone provide me some example
> > > commands / syntax?
> > >
> > > Source IP address : 10.5.5.25 (Windows server)
> > > Tcp port : 1521
> > > My Linux boxes IP address : 10.5.5.46 / .47
> > > My Linux cluster virtual addr : 10.5.5.45
> > >
> > > In fact I would like to block on all ports on the Linux cluster to stop
> > > this Windows server from accessing it. So what's the exact commands
> > > I should issue on each of the Linux box? Would iptables also block
> > > the Windows server from accessing the cluster virtual IP addr?
> > >
> > > Thanks
> > > U
> > > --
> > > redhat-list mailing list
> > > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
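
Added example, not part of the original thread and not written by any of its posters: a dry-run script that prints the block and rollback commands discussed above for source 10.5.5.25, choosing the chain from a saved rule set and deleting by rule specification instead of by rule number. The function names and SAMPLE_RULES are constructed for illustration, and the printed commands assume the iptables service is already running.

```sh
#!/bin/sh
# Dry run only: prints the commands, never calls iptables itself.

# Constructed sample standing in for /etc/sysconfig/iptables (assumption).
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
COMMIT'

# Use RH-Firewall-1-INPUT when the saved rule set declares it, else INPUT.
pick_chain() {
    if printf '%s\n' "$1" | grep -q '^:RH-Firewall-1-INPUT '; then
        echo RH-Firewall-1-INPUT
    else
        echo INPUT
    fi
}

# Accept only a dotted quad with four octets in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# No -d and no --dport: the rule matches every packet from the source,
# whichever local address (node or cluster virtual IP) it is sent to.
block_cmd()   { valid_ipv4 "$1" && echo "/sbin/iptables -I $2 -s $1 -j DROP"; }

# Delete by rule specification, so rollback does not depend on rule numbers.
unblock_cmd() { valid_ipv4 "$1" && echo "/sbin/iptables -D $2 -s $1 -j DROP"; }

plan() {    # $1 = source IP, $2 = saved rule set text
    chain=$(pick_chain "$2")
    block_cmd "$1" "$chain" || return 1
    echo "/sbin/service iptables save"
    echo "# rollback:"
    unblock_cmd "$1" "$chain"
    echo "/sbin/service iptables save"
}

plan 10.5.5.25 "$SAMPLE_RULES"
```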