Red Hat ENTERPRISE LINUX 5 - DEPLOYMENT Deployment Manual page 748

Chapter 43. Securing Your Network
• start — If a firewall is configured (that is, /etc/sysconfig/iptables exists), all running iptables are stopped completely and then started using the /sbin/iptables-restore command. This option only works if the ipchains kernel module is not loaded. To check if this module is loaded, type the following command as root:

    [root@MyServer ~]# lsmod | grep ipchains

  If this command returns no output, it means the module is not loaded. If necessary, use the /sbin/rmmod command to remove the module.
• stop — If a firewall is running, the firewall rules in memory are flushed, and all iptables modules and helpers are unloaded.

  If the IPTABLES_SAVE_ON_STOP directive in the /etc/sysconfig/iptables-config configuration file is changed from its default value to yes, current rules are saved to /etc/sysconfig/iptables and any existing rules are moved to the file /etc/sysconfig/iptables.save.

  Refer to Section 43.9.5.1, "IPTables Control Scripts Configuration File" for more information about the iptables-config file.
• restart — If a firewall is running, the firewall rules in memory are flushed, and the firewall is started again if it is configured in /etc/sysconfig/iptables. This option only works if the ipchains kernel module is not loaded.

  If the IPTABLES_SAVE_ON_RESTART directive in the /etc/sysconfig/iptables-config configuration file is changed from its default value to yes, current rules are saved to /etc/sysconfig/iptables and any existing rules are moved to the file /etc/sysconfig/iptables.save.

  Refer to Section 43.9.5.1, "IPTables Control Scripts Configuration File" for more information about the iptables-config file.
• status — Displays the status of the firewall and lists all active rules.

  The default configuration for this option displays IP addresses in each rule. To display domain and hostname information, edit the /etc/sysconfig/iptables-config file and change the value of IPTABLES_STATUS_NUMERIC to no. Refer to Section 43.9.5.1, "IPTables Control Scripts Configuration File" for more information.
• panic — Flushes all firewall rules. The policy of all configured tables is set to DROP.

  This option could be useful if a server is known to be compromised. Rather than physically disconnecting from the network or shutting down the system, you can use this option to stop all further network traffic but leave the machine in a state ready for analysis or other forensics.
• save — Saves firewall rules to /etc/sysconfig/iptables using iptables-save. Refer to Section 43.9.4, "Saving IPTables Rules" for more information.

722
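The following added example (not the Red Hat init script itself) reproduces two of the behaviours described above in plain POSIX sh: the ipchains module check that gates the start and restart options, and the save-on-stop rotation in which the live ruleset is written to the rules file and any previous rules file is moved aside as .save. The config path, rules path, modules file and dump command are parameters (an assumption for this example) so the logic can be exercised without root; on a real system they would be /etc/sysconfig/iptables-config, /etc/sysconfig/iptables, /proc/modules and /sbin/iptables-save.

```shell
#!/bin/sh
# Added example: mirrors the init script's logic, not the script itself.

# ipchains_loaded [MODULES_FILE]
# True if the ipchains module appears in the kernel module list.
# lsmod reads /proc/modules, whose lines start with "<name> <size> ...",
# so anchoring on the first field avoids matching unrelated names.
ipchains_loaded() {
    grep -q '^ipchains[[:space:]]' "${1:-/proc/modules}"
}

# save_rules_if_enabled CONFIG RULES_FILE DUMP_CMD
#   CONFIG     iptables-config file holding IPTABLES_SAVE_ON_STOP
#   RULES_FILE destination for the saved ruleset
#   DUMP_CMD   command that prints the live rules (normally iptables-save)
# Returns 0 if rules were saved, 1 if saving is disabled, 2 if the dump failed.
save_rules_if_enabled() {
    config="$1"; rules="$2"; dump="$3"
    # Take the last assignment of the directive, ignoring comments and quotes,
    # which is what sourcing the file would leave in effect.
    value=$(sed -n 's/^[[:space:]]*IPTABLES_SAVE_ON_STOP=//p' "$config" \
            | tail -n 1 | tr -d "\"'")
    [ "$value" = "yes" ] || return 1
    # Preserve the previous saved ruleset as RULES_FILE.save before overwriting.
    if [ -f "$rules" ]; then
        mv -f "$rules" "$rules.save"
    fi
    # Write the in-memory rules; a 077 umask keeps the new file readable by
    # root only, matching how the packaged rules file is shipped.
    ( umask 077; "$dump" > "$rules" ) || return 2
    return 0
}
```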