[NTLUG:Discuss] Firewall/IPCHAINS

Patrick Parks patrick at patrickparks.com
Sat Sep 8 13:54:33 CDT 2001 

Ok, I am trying to understand this firewall program, I am running RH
7.1. I have firewall enabled in linuxconf. I also see ipchains running,
is that the same as the firewall in linuxconf? I have looked over the
man pages at www.linuxdocs.org for IPCHaIns and I am even more confused
than when I started. I renabled my firewall, and now do not have
connectivity between my two linux boxes running nsf. I look under
firewall config in linuxconfig, and it shows accept for input, output,
and fowarding from one machine to the other, but I still do not have
connectivity. I listed the IP chains and I got the following:

[root at C1652034-d pparks]# /sbin/ipchains -L -n
Chain input (policy ACCEPT):
target     prot opt     source                destination          
ports
ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             67:68
->   67:68
ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             67:68
->   67:68
ACCEPT     all  ------  0.0.0.0/0            0.0.0.0/0             n/a
REJECT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             *
->   0:1023
REJECT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             *
->   2049
REJECT     udp  ------  0.0.0.0/0            0.0.0.0/0             *
->   0:1023
REJECT     udp  ------  0.0.0.0/0            0.0.0.0/0             *
->   2049
REJECT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             *
->   6000:6009
REJECT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             *
->   7100
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):

So back to my original question, I am assuming that ipchains and
firewall are two different services, and that I have the firewall set up
properly, but not the ipchains. If this is the case, is there a text
file that I need to edit for the ipchains, or do I run everything from
the command line? I did a /sbin/ipchains -n Server, to create a rule for
the server, but can not figure out how to tell it what I want it to do.
Any takers? Thanks.


-- 
Patrick Parks
www.patrickparks.com
patrick at patrickparks.com
972.416.8377 (Home)
972.354.7712 (Fax)
504.723.6460 (PCS)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://ntlug.org/pipermail/discuss/attachments/20010908/346a0c49/attachment.html

More information about the Discuss mailing list