Thanks All/Raj,

OK, I missed something, so the following works:

# chkconfig iptables on
# /sbin/iptables -I RH-Firewall-1-INPUT -s 10.5.5.25 -j DROP
# /sbin/service iptables save    <== this will create /etc/sysconfig/iptables
# service iptables restart

Thanks

On Fri, Sep 18, 2009 at 6:46 PM, Rajveer Singh <[email protected]> wrote:
> Dear sunHux,
>
> iptables stores rules in the /etc/sysconfig/iptables file by default. So if you
> don't have any rules in this file, and try to start the iptables service using
> "service iptables start", you will see the output of "service iptables status"
> as "Firewall is stopped".
>
> So it's not any issue and you can put in any iptables rules.
>
> Re,
> Raj
>
> On Fri, Sep 18, 2009 at 4:05 PM, sunhux G <[email protected]> wrote:
>>
>> I can't even start up iptables as the previous admin hardened it
>> (but not sure how / where he hardened it)
>>
>> So despite that I do
>> service iptables start,
>> "service iptables status" still shows "Firewall is stopped"
>>
>> Now, can I use /etc/hosts.deny instead?
>> Do I need to do "pkill -HUP tcpd" or
>> "service xinetd restart" - which of the two
>> commands should I execute & what's the syntax
>> in /etc/hosts.deny?
>>
>> Thanks
>>
>> On Fri, Sep 18, 2009 at 11:38 AM, Ian Hayes <[email protected]> wrote:
>>>
>>> [r...@cthulhu ~]# iptables -L --line-numbers
>>> Chain INPUT (policy ACCEPT)
>>> num  target  prot opt source    destination
>>> 1    DROP    all  --  10.5.5.5  anywhere
>>> 2    DROP    all  --  10.5.5.6  anywhere
>>> 3    DROP    all  --  10.5.5.7  anywhere
>>>
>>> Find the rule number that matches the one you want to delete. Say you
>>> want to delete #2 from the INPUT table
>>>
>>> [r...@cthulhu ~]# iptables -D INPUT 2
>>> [r...@cthulhu ~]# iptables -L --line-numbers
>>> Chain INPUT (policy ACCEPT)
>>> num  target  prot opt source    destination
>>> 1    DROP    all  --  10.5.5.5  anywhere
>>> 2    DROP    all  --  10.5.5.7  anywhere
>>>
>>> Or you can do iptables -F which will basically drop all your iptables.
>>> Make sure you've saved recently before you do that.
>>>
>>> On Thu, Sep 17, 2009 at 8:22 PM, sunhux G <[email protected]> wrote:
>>>> Thanks Ian.
>>>>
>>>> So I issue this command on both cluster nodes and it will also
>>>> stop access to the virtual cluster address?
>>>>
>>>> What's the command to reverse / remove
>>>> " iptables -A INPUT -s 10.5.5.25 -j DROP " ?
>>>> Just in case there's a problem, I'll need to reverse.
>>>>
>>>> Tks
>>>> U
>>>>
>>>> On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes <[email protected]> wrote:
>>>>> iptables -A INPUT -s 10.5.5.25 -j DROP
>>>>>
>>>>> On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <[email protected]> wrote:
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I have a RHEL 5.1 cluster that's constantly being accessed by an
>>>>>> application from a Windows server application via sqlnet (ie TCP
>>>>>> port 1521), which caused a specific Oracle account to be locked.
>>>>>>
>>>>>> The owner of the Windows box does not know why the Filenet
>>>>>> application is doing this, so while she researches which
>>>>>> configuration in Filenet needs to be fixed to stop this, we need an
>>>>>> interim measure to block this Windows server's access to the cluster.
>>>>>>
>>>>>> Thus I would like to set up iptables / firewall on this Linux box to
>>>>>> stop the sqlnet access. Can someone provide me some example
>>>>>> commands / syntax?
>>>>>>
>>>>>> Source IP address : 10.5.5.25 (Windows server)
>>>>>> TCP port : 1521
>>>>>> My Linux boxes' IP addresses : 10.5.5.46 / .47
>>>>>> My Linux cluster virtual addr : 10.5.5.45
>>>>>>
>>>>>> In fact I would like to block all ports on the Linux cluster to stop
>>>>>> this Windows server from accessing it. So what are the exact commands
>>>>>> I should issue on each of the Linux boxes? Would iptables also block
>>>>>> the Windows server from accessing the cluster virtual IP addr?
>>>>>>
>>>>>> Thanks
>>>>>> U

--
Linux-cluster mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-cluster
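The block / verify / reverse / persist steps discussed in this thread, collected into a small script as an added example (not code posted by anyone in the thread). It assumes the RHEL 5 chain name RH-Firewall-1-INPUT from the final message, and the IPTABLES_RUN dry-run variable is an invention of the example.

```shell
#!/bin/sh
# Added example, not code from the thread. Wraps the block / verify / reverse
# steps discussed above. Setting IPTABLES_RUN=echo prints each command instead
# of executing it, so the functions can be exercised without root.
IPTABLES_RUN="${IPTABLES_RUN:-}"
CHAIN="${CHAIN:-RH-Firewall-1-INPUT}"   # RHEL 5 default input chain

ipt() { $IPTABLES_RUN /sbin/iptables "$@"; }

# Insert a DROP for one source at position 1. The stock RHEL 5 chain ends in
# a REJECT-all rule, so a rule appended with -A would sit after it and never
# be reached; -I puts the block ahead of everything else.
block_host() { ipt -I "$CHAIN" 1 -s "$1" -j DROP; }

# Reverse it by repeating the rule specification with -D instead of -I/-A.
# Deleting by number works too, but numbers shift after every delete
# (in the listing above, 10.5.5.7 moved from rule 3 to rule 2).
unblock_host() { ipt -D "$CHAIN" -s "$1" -j DROP; }

# Given `iptables -L <chain> --line-numbers` output on stdin, print the
# rule number of the DROP rule for a source, or nothing if there is none.
# Columns: num target prot opt source destination.
rule_num_for_source() {
  awk -v src="$1" '$2 == "DROP" && $5 == src { print $1; exit }'
}

# Persist to /etc/sysconfig/iptables and enable the service at boot.
persist_rules() {
  $IPTABLES_RUN /sbin/service iptables save
  $IPTABLES_RUN /sbin/chkconfig iptables on
}

# Demo run: `sh block.sh demo` (prefix with IPTABLES_RUN=echo for a dry run).
if [ "${1:-}" = "demo" ]; then
  block_host 10.5.5.25
  ipt -L "$CHAIN" --line-numbers | rule_num_for_source 10.5.5.25
  persist_rules
fi
```

Run the same script on each cluster node; the DROP matches on source address only, so traffic to the node's own address and to the virtual address is dropped alike once it arrives at that node.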
