tjie

Centos 5: Firewall# 2

Hi,

1) I have an enterprise network (consisting of LAN 1 and LAN 2)
- LAN 1: 172.17.17.0/24
- LAN 2: 192.168.51.0/24
2) DC1
- It is a domain controller (Windows 2003, DNS server, DHCP servers, WINS server)
- Located at LAN 1
- Its IP is 172.17.17.10
- The domain is boba.com

3) DC2
- It is a replica domain controller [Windows 2003, Backup of DNS server, Backup of DHCP server, WINS server (replication partner with DC1)]
- Its IP is 172.17.17.11

4) XP1
- It is a client machine (Windows XP)
- It gets the IP address from DHCP servers
- It is at LAN 1

5) Centos_5
- It is a Linux machine (OS is CentOS 5.3)
- It is at LAN 1
- The assigned IP address is 172.17.17.30
- Its DNS servers (or name servers) are DC1 and DC2
- I put the DNS record at the DNS server of DC1 for this Centos_5

6) RRAS
- It is a Routing and Remote Access Server
- It is a standalone machine (Workgroup; it is not in the domain)

7) XP2
- It is a client machine
- It is at LAN 2

8) The Status
- From any machine, I can ping Centos_5 by its IP address (172.17.17.30)
- From Centos_5, I can ping DC1 (by its name "DC1"), DC2, XP1, etc.

9) The Goal: To check the Firewall status of this Centos_5

10) Action:
- I am at [root@CENTOS_5 ~]#
- I go to " cd /etc/sysconfig "; so I will be at [root@CENTOS_5 sysconfig]#
- Then, I type in " ./iptables --list "
- The message: "bash: ./iptables : permission denied" (and I am logging in as "root" already)

11) Any help?

thanks,
tjie

Last Comment: Arty K, 8/22/2022 - Mon
tjie

ASKER
Hi Arty,

Do you know the answer to the above question?

"- The message: "bash: ./iptables : permission denied" (and I am logging in as "root" already)"

thanks
tjie
tjie

ASKER
Hi Arty,

1) Would you explain the FUNCTION of

- /sbin/iptables -nvL

- /sbin/iptables -nL INPUT

- /sbin/iptables -nL FORWARD

- /sbin/iptables -nL OUTPUT

- /sbin/iptables-save

2) thanks

tjie
Arty K

man iptables - this should show you the explanation

-n - don't resolve to names (i.e. show an IP as an IP, not as a hostname)
-v - be verbose, show the count of packets that matched that rule
-L - list all rules

-L INPUT - list only INPUT chain
-L FORWARD - .. FORWARD
-L OUTPUT - .. OUTPUT

Without any chain you should get a list of all chains (-nvL). For more explanation of chains, read 'man iptables'

Regards,
Arty
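
Added example, not part of Arty K's reply or of the original thread: a shell function that condenses `/sbin/iptables-save` output into one status line per chain of the filter table (default policy, rule count, verdict). The function names `fw_summary` and `sample_rules`, the verdict labels and the sample ruleset are assumptions constructed for illustration.

```shell
#!/bin/sh
# Read iptables-save text on stdin; print one line per filter-table chain:
#   <chain> policy=<policy> rules=<count> <verdict>
fw_summary() {
    awk '
        /^\*/ { table = substr($0, 2); next }   # "*filter" opens a table
        table != "filter" { next }              # skip lines outside the filter table
        /^:/ {                                  # ":INPUT ACCEPT [0:0]" declares a chain
            name = substr($1, 2)
            policy[name] = $2; rules[name] = 0
            order[++n] = name
            next
        }
        $1 == "-A" { rules[$2]++ }              # "-A INPUT ..." appends a rule
        END {
            for (i = 1; i <= n; i++) {
                c = order[i]
                if (policy[c] == "-")           v = "user-chain"
                else if (policy[c] != "ACCEPT") v = "default-deny"
                else if (rules[c] == 0)         v = "unfiltered"
                else                            v = "has-rules"
                printf "%s policy=%s rules=%d %s\n", c, policy[c], rules[c], v
            }
        }'
}

# Constructed sample ruleset in iptables-save format (not from the page).
sample_rules() {
    cat <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Live host, as root: /sbin/iptables-save | fw_summary
sample_rules | fw_summary
```

A chain reported as `unfiltered` has an ACCEPT policy and no rules, so nothing is being blocked on that path; `has-rules` still needs a look at the rules themselves with `/sbin/iptables -nvL`.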