** Reply to message from Bret Hughes <[EMAIL PROTECTED]> on Tue, 14 Jan 2003 21:46:15 -0600


> On Tue, 2003-01-14 at 14:19, gabriel wrote:
> > On January 14, 2003 12:08 pm, Yu Liang wrote:
> > > What command should I use? Or how can I verify that they have been turned
> > > off?
> > 
> > I believe Red Hat has two special scripts that will allow you to either (a) 
> > blow away all iptables rules or (b) lock down your box so nothing enters and 
> > nothing leaves.  They should be called "accept-all" and "panic" respectively.
> > 
> > 
> > 
> 
> This is pretty cool.  BTW the panic is an argument to service
> ip[chains|tables], not a special script.  At least not on my 7.3 systems.
> 
> e.g. service ipchains panic
> 
> Never even crossed my mind, but I like it.

Checking the chkconfig script, "service iptables panic" changes all default policies 
on all chains in all three tables to DROP, then flushes the chains, then deletes them 
all. No way for a packet to get through after that.

A well-written bash script, this one.

jb
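
To answer the original "how can I verify" question, here is an added example (not part of this thread and not Red Hat's init script) that reads `iptables-save` output and reports anything that does not match the state described above. The function name `check_panic_state` and both sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Reads iptables-save text on stdin; returns 0 only if every built-in chain has
# policy DROP and no rules or user chains remain. Checks only tables in the input.
check_panic_state() {
    awk '
        /^\*/ { table = substr($0, 2); tables++; next }
        /^:/  {
            chain = substr($1, 2)
            if ($2 == "-")         { print "user chain left: " table "/" chain; bad++ }
            else if ($2 != "DROP") { print "policy " $2 " on " table "/" chain; bad++ }
            next
        }
        # Rule lines start with -A, or with [pkts:bytes] -A when counters are dumped.
        $1 == "-A" || $2 == "-A" { print "rule left in " table ": " $0; bad++ }
        END {
            if (tables == 0) { print "no tables in input"; exit 1 }
            exit (bad > 0)
        }'
}

# Constructed sample: dump from a locked-down box.
sample_panic() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
COMMIT
*nat
:PREROUTING DROP [0:0]
:POSTROUTING DROP [0:0]
:OUTPUT DROP [0:0]
COMMIT
EOF
}

# Constructed sample: one ACCEPT policy, one user chain, one leftover rule.
sample_leftover() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LOGDROP - [0:0]
-A INPUT -j LOGDROP
COMMIT
EOF
}
# On a live system, as root: iptables-save | check_panic_state
```

Empty input is treated as a failure, since a dump with no tables gives no evidence that any DROP policy is in place.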


