[SLE] iptables service

Discussion:

Brian

2003-01-28 06:11:30 UTC

Were is the iptables service?? Suse has consumed linux and spit it back up in
to their own version.

--
Brian York
http://www.brianyork.net
--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-***@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-***@suse.com

Herman Knief

2003-01-28 06:15:43 UTC

Permalink

Ummm...iptables is part of the kernel.

Post by Brian
Were is the iptables service?? Suse has consumed linux and spit it back up in
to their own version.

--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-***@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-***@suse.com

Ben Rosenberg

2003-01-28 06:19:38 UTC

Permalink

* Brian (***@brianyork.net) [030127 22:12]:
->Were is the iptables service?? Suse has consumed linux and spit it back up in
->to their own version.

I'm not sure what your talking about here. What the SuSEfirewall2
*script* does is use iptables. It gives you plain English options for
the rules it will write and maintain. If you look at your running kernel
using the SuSEfirewall2 script you will see the following...

Section cut/pasted after executing lsmod:

-----
ipt_TCPMSS 2432 1 (autoclean)
ipt_TOS 1088 11 (autoclean)
ipt_state 672 58 (autoclean)
ipt_LOG 3232 64 (autoclean)
ipt_REJECT 2848 3 (autoclean)
iptable_mangle 2208 1 (autoclean)
iptable_filter 1792 1 (autoclean)
ip_nat_ftp 3008 0 (unused)
iptable_nat 13300 1 [ip_nat_ftp]
ip_conntrack_ftp 3264 0 (unused)
ip_conntrack 13324 3 [ipt_state ip_nat_ftp iptable_nat
ip_conntrack_ftp]
ip_tables 10464 10 [ipt_TCPMSS ipt_TOS ipt_state ipt_LOG
ipt_REJECT iptable_mangle iptable_filter iptable_nat]
------

The above modules loaded clearly shows that iptables is being used as
the firewall mechanism.

You might want to do some further reading before saying that SuSE is
doing something non-standard. If you don't wish to use SuSE's firewall
script then you are more then welcome to hunt down a program on
freshmeat.net or write a group of iptables rules and put them in
/etc/init.d/boot.local so they start when you boot your machine.
--
Ben Rosenberg ---===---===---===--- mailto:***@whack.org
Tell me what you believe..
I'll tell you what you should see.

Brian

2003-01-28 14:12:06 UTC

Permalink

In redhat you could "service iptables restart' but anyway thats not the
point
i am trying to open port 137 and 138 for smb. when i use suse fireall gui
it doesn't open it. so what is suse's command line to open an input port
on tcp for 137 and 138?

Brian

Post by Ben Rosenberg
->Were is the iptables service?? Suse has consumed linux and spit it back
up in ->to their own version.
I'm not sure what your talking about here. What the SuSEfirewall2
*script* does is use iptables. It gives you plain English options for
the rules it will write and maintain. If you look at your running kernel
using the SuSEfirewall2 script you will see the following...
-----
ipt_TCPMSS 2432 1 (autoclean)
ipt_TOS 1088 11 (autoclean)
ipt_state 672 58 (autoclean)
ipt_LOG 3232 64 (autoclean)
ipt_REJECT 2848 3 (autoclean)
iptable_mangle 2208 1 (autoclean)
iptable_filter 1792 1 (autoclean)
ip_nat_ftp 3008 0 (unused)
iptable_nat 13300 1 [ip_nat_ftp]
ip_conntrack_ftp 3264 0 (unused)
ip_conntrack 13324 3 [ipt_state ip_nat_ftp iptable_nat
ip_conntrack_ftp]
ip_tables 10464 10 [ipt_TCPMSS ipt_TOS ipt_state ipt_LOG
ipt_REJECT iptable_mangle iptable_filter iptable_nat]
------
The above modules loaded clearly shows that iptables is being used as
the firewall mechanism.
You might want to do some further reading before saying that SuSE is
doing something non-standard. If you don't wish to use SuSE's firewall
script then you are more then welcome to hunt down a program on
freshmeat.net or write a group of iptables rules and put them in
/etc/init.d/boot.local so they start when you boot your machine.

Togan Muftuoglu

2003-01-28 14:23:19 UTC

Permalink

Post by Brian
In redhat you could "service iptables restart' but anyway thats not the
point
i am trying to open port 137 and 138 for smb. when i use suse fireall gui
it doesn't open it. so what is suse's command line to open an input port
on tcp for 137 and 138?

You need to edit /etc/sysconfig/SuSEfirewall2 by means of either via an
editor, or by using YaST2 sysconfig editor.

But this is not just opening an "input port" as it can mean many things.
Either read the /etc/sysconfig/SuSEfirewall2 and act upon the comments
or get the Unofficial SuSEfirewall2 manual from Sourceforge

http://sourceforge.net/project/showfiles.php?group_id=42064&release_id=127876
--
Togan Muftuoglu
Unofficial SuSE FAQ Maintainer
http://dinamizm.ath.cx

Joe Morris (NTM)

2003-01-28 14:39:54 UTC

Permalink

Edit /etc/sysconfig/SuSEfirewall2. BTW, IIRC, that should be tcp 139,
udp 137 138. HTH.
--
Joe Morris
New Tribes Mission
Email Address: ***@ntm.org
Web Address: http://www.mydestiny.net/~joe_morris
Registered Linux user 231871
God said, I AM that I AM. I say, by the grace of
God, I am what I am.