Doh! Just about to leave the office on Friday, I realised what the problem was, and 
that I had fallen into the trap of thinking that because I was trying to sort out 
firewall rules, the rejection was by a firewall - not so - it was simply that inet 
wasn't configured for ftp and telnet. Sigh. Thanks for the suggestions, and at least 
I've got a good example script from Knut on which to base my firewall definitions.

/Sam

Sam Sexton
Reuters Coventry
Reuters Treasury Solutions (Internal)
Reuters Treasury Solutions (public)
Phone: +44 24 7625 6562
Fax:   +44 24 7655 5203


                                                                                       
                            
                    Sam                                                                
                            
                    Sexton/LON/GB/Reute       To:      [EMAIL PROTECTED]          
                            
                    rs@Reuters                cc:                                      
                            
                    Sent by:                   Subject:     ipchains vs iptables with 
7.3 new install              
                    redhat-list-admin@r        Header:      Internal Use Only          
                            
                    edhat.com                                                          
                            
                                                                                       
                            
                                                                                       
                            
                    20/09/02 15:15                                                     
                            
                    Please respond to                                                  
                            
                    redhat-list                                                        
                            
                                                                                       
                            
                                                                                       
                            



I'm new to Linux and firewalls, but have several years SunOS/Solaris
experience.

I have just installed 7.3 Personal and opted for the high security
firewall option during the installation process. This is for internal
product testing and will not be used with the Internet. However, I then
decided that I should ensure that all the comms work fine before imposing
rules, so I hunted around and found a reference to gnome-lokkit, which is
not installed (don't ask me why - I don't know), so I tried the vanilla
lokkit (quaint!). I selected No firewall and OK'd that, but when the
window closed I found I'd been told  ipchains: Protocol not available.

RTFMAWP - and found out all about iptables and ipchains and realised that
I want to use iptables. Both iptables and ipchains are defined (and
ticked, for my fellow pedants!) in the Services list, but when I tried ipchains -L  I 
was told ipchains: Incompatible with this kernel (so how come it's in the services 
config?!).

iptables -L shows me the three (default, I guess) chains INPUT FORWARD and OUTPUT,
each with a policy of Accept and no rules, so I would have thought that
this would allow me to telnet from another address on the same subnet. Not
so - I can ping both interfaces, which are temporarily on the same network
but can telnet to neither.  It appears that ipchains is somehow preventing
access.

So, other than rebuilding with no security, how can I disable ipchains and
start to build my iptables tables?

TIA

/Sam

Sam Sexton
Reuters Coventry
Reuters Treasury Solutions (Internal)
Reuters Treasury Solutions (public)
Phone: +44 24 7625 6562
Fax:   +44 24 7655 5203

------------------------------------------------------------- ---
        Visit our Internet site at http://www.reuters.com

Any views expressed in this message are those of  the  individual
sender,  except  where  the sender specifically states them to be
the views of Reuters Ltd.

I'm new to Linux and firewalls, but have several years SunOS/Solaris experience.

I have just installed 7.3 Personal and opted for the high security firewall option 
during the installation process. This is for internal product testing and will not be 
used with the Internet. However, I then decided that I should ensure that all the 
comms work fine before imposing rules, so I hunted around and found a reference to 
gnome-lokkit, which is not installed (don't ask me why - I don't know), so I tried the 
vanilla lokkit (quaint!). I selected No firewall and OK'd that, but when the window 
closed I found I'd been told  ipchains: Protocol not available.

RTFMAWP - and found out all about iptables and ipchains and realised that I want to 
use iptables. Both iptables and ipchains are defined (and ticked, for my fellow 
pedants!) in the Services list, but when I tried ipchains -L  I was told ipchains: 
Incompatible with this kernel (so how come it's in the services config?!).

iptables -L shows me the three (default, I guess) chains INPUT FORWARD and OUTPUT, 
each with a policy of Accept and no rules, so I would have thought that this would 
allow me to telnet from another address on the same subnet. Not so - I can ping both 
interfaces, which are temporarily on the same network but can telnet to neither.  It 
appears that ipchains is somehow preventing access.

So, other than rebuilding with no security, how can I disable ipchains and start to 
build my iptables tables?

TIA

/Sam

Sam Sexton
Reuters Coventry
Reuters Treasury Solutions (Internal)
Reuters Treasury Solutions (public)
Phone: +44 24 7625 6562
Fax:   +44 24 7655 5203

------------------------------------------------------------- ---
Visit our Internet site at http://www.reuters.com

Any views expressed in this message are those of the individual
sender, except where the sender specifically states them to be
the views of Reuters Ltd.





------------------------------------------------------------- ---
        Visit our Internet site at http://www.reuters.com

Any views expressed in this message are those of  the  individual
sender,  except  where  the sender specifically states them to be
the views of Reuters Ltd.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to