RE: RH7.2 lokkit changes don't hold

[Terry Hobart]

Title: RH7.2 lokkit changes don't hold

From the messages you have given so far I think maybe something else may be in effect. You can check the iptables script lokkit created to make sure things are set the way you expected them to be. I’ll warn you though, I don’t use lokkit because of things like your message. So, take my location information with a grain of salt. The file should be in /etc/sysconfig and be titled iptables (I use 8.0 – 7.2 was on the edge of the ipchains to iptables switch over) or ipchains.   One thing you might do is service iptables (or ipchains) stop and then check again. This will eliminate the firewall from the problem so you can check the card setup.   My boss swears by shorewall as a fire wall tool. Check it out too. I am partial to guard dog ( I am new to linux and it is designed as a learning tool).   As for your direct lokkit question – yes. Each time lokkit is invoked it says high no matter what the existing fire wall is doing. It writes the changes when you save to be invoked the next time the iptables/ipchains damon is restarted.   Hope this helps and I am not leading you too far astray.   Terry   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Douglas, Stuart Sent: Friday, February 21, 2003 11:43 AM To: [EMAIL PROTECTED] Subject: RE: RH7.2 lokkit changes don't hold   Hmmm...you may have lost me here, Terry.   It sounds like what you're saying is that even though lokkit is displaying high, it actually has been setup with my changes?  That would be great but I think it actually IS on high in that I ping it at it's now address but can neither connect via ftp nor ssh.  Do I need to stop/start the service after making changes?  Is there some place I can look to see what the actual live settings are?   Thx!   Stuart -----Original Message----- From: Terry Hobart [mailto:[EMAIL PROTECTED] Sent: Friday, February 21, 2003 2:30 PM To: [EMAIL PROTECTED] Subject: RE: RH7.2 lokkit changes don't hold Lokkit reverts to high by default each time it is invoked. The original settings are in effect on the machine it is just that when lokkit runs it does not read them and just displays high. The obvious problem with this is you have to remember what you entered the last time in order to do it again.   Terry   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Douglas, Stuart Sent: Friday, February 21, 2003 10:55 AM To: [EMAIL PROTECTED] Com (E-mail) Subject: RH7.2 lokkit changes don't hold   After assigning a new IP to an ftp server, I find that the firewall is reverting to a high setting and won't stay at medium with allowances for ssh and ftp.  Any ideas on why or how to make it stick? Thanks! Stuart