iptables

Last Modified: 2013-11-16
Running CentOS 5.
I am trying to add some iptables rules and am unable to locate /etc/sysconfig/iptables,
and when I do service start iptables nothing happens.
It's a fresh installation of CentOS.
Anyone?

Sudeep Sharma, Technical Designer
CERTIFIED EXPERT

Commented:
Run rpm -qa | grep iptables

Does it show you anything?

I think iptables is not installed on your system.

Sudeep

Commented:
You should do service iptables start, not service start iptables. Also, if there are no iptables in the config, then it will load with empty tables.

You can see the tables with "iptables -L" (capitalisation is important).

If you want to create /etc/sysconfig/iptables, then use the command "touch /etc/sysconfig/iptables".

If you have manually entered some iptables rules and want to save them to the default config, run "iptables-save".

Finally, if you have a script with iptables rules in it and want to load it, run the command "iptables-restore /path/to/script".

Author

Commented:
[root@srv1 ~]# rpm -qa | grep iptables
iptables-ipv6-1.3.5-5.3.el5_4.1
iptables-1.3.5-5.3.el5_4.1
[root@srv1 ~]# service iptables status
Firewall is stopped.
[root@srv1 ~]#

Author

Commented:
[root@srv1 ~]# service iptables status
Firewall is stopped.
[root@srv1 ~]# service iptables start
[root@srv1 ~]# service iptables status
Firewall is stopped.
[root@srv1 ~]#

Author

Commented:
[root@srv1 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@srv1 ~]#
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
If you do not have a graphical interface, run system-config-securitylevel-tui.

Author

Commented:
Got it: setup -> turn firewall on,
and it works.

One last question:
what's the difference between
rh-firewall-1-input iptables
iptables -A input

Author

Commented:
If I run the following command
iptables -A input ....
why isn't it appearing in /etc/sysconfig/iptables
nor in iptables -L,
even after restarting iptables?
Help!
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
INPUT is the table.
RH-Firewall-1-input is another table.
The difference is that if you just add a rule to INPUT you also need to add a rule to Forward.
i.e. allow connection in. (INPUT)
Allow connection to pass through NAT to the destination system (Forward)

Please note when running iptables -L that RH-Firewall-1-Input is referenced under INPUT and FORWARD with allow. i.e. you add an entry to RH-Firewall-1-INPUT and access exists.

Was the rule accepted or rejected?
The -A is append, the rule might be there but is at the end of the chain and is being denied if it follows an explicit reject.
You need to use /etc/init.d/iptables save or /sbin/iptables-save.

Using the iptables command only makes changes to the running system, but does not automatically store this change permanently.
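
Added example, not part of the original thread: a check for the situation described in the last answer, where an appended rule exists but sits behind an explicit reject. It reads iptables-save text and lists rules that can never match; the function names and the sample ruleset are constructed for illustration, and the check assumes the chains contain no RETURN rules.

```shell
# Constructed sample in iptables-save format, modelled on the stock
# RH-Firewall-1-INPUT layout, with two rules added later using -A.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# find_shadowed_rules (hypothetical helper): reads iptables-save text on stdin
# and prints every rule that follows an unconditional REJECT/DROP in its own
# chain, or follows an unconditional jump to a chain containing such a rule.
# Chains are keyed by table so equal names in different tables do not clash.
find_shadowed_rules() {
    awk '
    /^\*/ { table = $1 }
    $1 == "-A" {
        n++; chain[n] = table ":" $2; rule[n] = $0
        # Unconditional means the rule is exactly: -A CHAIN -j TARGET [options]
        target[n] = ($3 == "-j") ? (table ":" $4) : ""
        if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP")) closed[chain[n]] = 1
    }
    END {
        for (i = 1; i <= n; i++) {
            if (chain[i] in blocked) print "shadowed: " rule[i]
            t = target[i]
            if (t ~ /:(REJECT|DROP)$/ || (t in closed)) blocked[chain[i]] = 1
        }
    }'
}

# On a live system, as root: iptables-save | find_shadowed_rules
sample_rules | find_shadowed_rules
```

Both appended rules (ports 8080 and 80) are reported, while the port 22 rule placed ahead of the REJECT is not.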