Doh! Just about to leave the office on Friday, I realised what the problem was, and that I had fallen into the trap of thinking that because I was trying to sort out firewall rules, the rejection was by a firewall - not so - it was simply that inet wasn't configured for ftp and telnet. Sigh. Thanks for the suggestions, and at least I've got a good example script from Knut on which to base my firewall definitions.
/Sam Sam Sexton Reuters Coventry Reuters Treasury Solutions (Internal) Reuters Treasury Solutions (public) Phone: +44 24 7625 6562 Fax: +44 24 7655 5203 Sam Sexton/LON/GB/Reute To: [EMAIL PROTECTED] rs@Reuters cc: Sent by: Subject: ipchains vs iptables with 7.3 new install redhat-list-admin@r Header: Internal Use Only edhat.com 20/09/02 15:15 Please respond to redhat-list I'm new to Linux and firewalls, but have several years SunOS/Solaris experience. I have just installed 7.3 Personal and opted for the high security firewall option during the installation process. This is for internal product testing and will not be used with the Internet. However, I then decided that I should ensure that all the comms work fine before imposing rules, so I hunted around and found a reference to gnome-lokkit, which is not installed (don't ask me why - I don't know), so I tried the vanilla lokkit (quaint!). I selected No firewall and OK'd that, but when the window closed I found I'd been told ipchains: Protocol not available. RTFMAWP - and found out all about iptables and ipchains and realised that I want to use iptables. Both iptables and ipchains are defined (and ticked, for my fellow pedants!) in the Services list, but when I tried ipchains -L I was told ipchains: Incompatible with this kernel (so how come it's in the services config?!). iptables -L shows me the three (default, I guess) chains INPUT FORWARD and OUTPUT, each with a policy of Accept and no rules, so I would have thought that this would allow me to telnet from another address on the same subnet. Not so - I can ping both interfaces, which are temporarily on the same network but can telnet to neither. It appears that ipchains is somehow preventing access. So, other than rebuilding with no security, how can I disable ipchains and start to build my iptables tables? TIA /Sam Sam Sexton Reuters Coventry Reuters Treasury Solutions (Internal) Reuters Treasury Solutions (public) Phone: +44 24 7625 6562 Fax: +44 24 7655 5203 ------------------------------------------------------------- --- Visit our Internet site at http://www.reuters.com Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. I'm new to Linux and firewalls, but have several years SunOS/Solaris experience. I have just installed 7.3 Personal and opted for the high security firewall option during the installation process. This is for internal product testing and will not be used with the Internet. However, I then decided that I should ensure that all the comms work fine before imposing rules, so I hunted around and found a reference to gnome-lokkit, which is not installed (don't ask me why - I don't know), so I tried the vanilla lokkit (quaint!). I selected No firewall and OK'd that, but when the window closed I found I'd been told ipchains: Protocol not available. RTFMAWP - and found out all about iptables and ipchains and realised that I want to use iptables. Both iptables and ipchains are defined (and ticked, for my fellow pedants!) in the Services list, but when I tried ipchains -L I was told ipchains: Incompatible with this kernel (so how come it's in the services config?!). iptables -L shows me the three (default, I guess) chains INPUT FORWARD and OUTPUT, each with a policy of Accept and no rules, so I would have thought that this would allow me to telnet from another address on the same subnet. Not so - I can ping both interfaces, which are temporarily on the same network but can telnet to neither. It appears that ipchains is somehow preventing access. So, other than rebuilding with no security, how can I disable ipchains and start to build my iptables tables? TIA /Sam Sam Sexton Reuters Coventry Reuters Treasury Solutions (Internal) Reuters Treasury Solutions (public) Phone: +44 24 7625 6562 Fax: +44 24 7655 5203 ------------------------------------------------------------- --- Visit our Internet site at http://www.reuters.com Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. ------------------------------------------------------------- --- Visit our Internet site at http://www.reuters.com Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list