On Tue, 29 Oct 2002, Robert P. J. Day wrote: =>On Tue, 29 Oct 2002, Taylor, ForrestX wrote: => =>> Robert P. J. Day wrote: =>> > as part of a tutorial i'm writing on iptables, here's what i've listed -- =>> > feedback is appreciated. =>> > =>> > to switch from ipchains to iptables: =>> > =>> > # chkconfig --level 0123456 ipchains off (turn off auto start) =>> > # service ipchains stop (stop ipchains) =>> > # rmmod ipchains (unload the module) =>> > # rpm -e ipchains (if you're SURE :-) =>> > =>> > # insmod ip_tables (insmod or modprobe?) =>> > # chkconfig iptables on (auto start) =>> > # service iptables start (fire it up) =>> > # iptables -L (verify with listing) =>> > =>> > comments? =>> > =>> > rday =>> =>> I would say that you should use `modprobe -r` instead of rmmod, and =>> modprobe instead of insmod. `modprobe` will include any module =>> dependencies, thus it is a good habit to get into ;o) => =>now that i think about it, doesn't "service iptables start" =>automatically load ip_tables anyway? I'd be careful here. If you load iptables then that's all you get. You really want to explicitly load any additional other modules you might need for what you're doing. e.g., If you allow any ftp traffic then you probaly want to load ip_contrack and ip_contrack_ftp. -- -Time flies like the wind. Fruit flies like a banana. Stranger things have - -happened but none stranger than this. Does your driver's license say Organ -Donor?Black holes are where God divided by zero. Listen to me! We are all- -individuals! What if this weren't a hypothetical question? steveo@syslang.net -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
