IPTables not available

IPTables not available

[Daniel Curry]

On fresh RH7.2 and RH7.3 installs  IPTables executables are installed,
but will not execute.  I get Kernel errors.  Can someone please direct
me to a listing of what steps and option I need to enable this?  I wish
to put firewalling with NAT services on a machine running an Apache web
server, with PHP and Perl scripts connecting to a localhosted MySQL DB,
as well as offering sendmail, POP(S)/IMAP(S), ftp, and PPTP VPN
services.  Or a compatible ipchains script for this would also be
appreciated.

Thanks

Daniel Curry
IT Manager
Cariocas
625 Second Street 
Suite 201
San Francisco, CA 94107 
ph: 415-348-6516
fx: 415-348-6505 
cell: 510-579-6680

"If A equals success, then the formula is: A = X + Y + Z, 
X is work. Y is play. Z is keep your mouth shut." 
  - Albert Einstein

Re: IPTables not available

[Tom Eastep]

On Tue, 25 Jun 2002, Daniel Curry wrote:

> On fresh RH7.2 and RH7.3 installs  IPTables executables are installed,
> but will not execute.  I get Kernel errors.  Can someone please direct
> me to a listing of what steps and option I need to enable this?  I wish
> to put firewalling with NAT services on a machine running an Apache web
> server, with PHP and Perl scripts connecting to a localhosted MySQL DB,
> as well as offering sendmail, POP(S)/IMAP(S), ftp, and PPTP VPN
> services.  Or a compatible ipchains script for this would also be
> appreciated.
> 

See if http://www.shorewall.net/FAQ.htm#faq8 doesn't address your problem.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net

Re: IPTables not available

[jesse.linux]

[-- Attachment #1: Type: text/plain, Size: 1065 bytes --]


Date: Tue, 25 Jun 2002 08:20:43 -0700
From: "Daniel Curry" <dcurry@cariocas.com>
To: "Netfilter (E-mail)" <netfilter@lists.samba.org>

On fresh RH7.2 and RH7.3 installs  IPTables executables are installed,
but will not execute.  I get Kernel errors.  Can someone please direct
me to a listing of what steps and option I need to enable this?  I wish
to put firewalling with NAT services on a machine running an Apache web
server, with PHP and Perl scripts connecting to a localhosted MySQL DB,
as well as offering sendmail, POP(S)/IMAP(S), ftp, and PPTP VPN
services.  Or a compatible ipchains script for this would also be
appreciated.

Thanks

Daniel Curry
IT Manager
Cariocas
625 Second Street=20
Suite 201
San Francisco, CA 94107=20
ph: 415-348-6516
fx: 415-348-6505=20
cell: 510-579-6680

"If A equals success, then the formula is: A =3D X + Y + Z,=20
X is work. Y is play. Z is keep your mouth shut."=20
  - Albert Einstein

maybe ipchains is your problem.....
try to unload ipchains then execute your iptables rules......



[-- Attachment #2: Type: text/html, Size: 1746 bytes --]

Re: IPTables not available

[Razham, Razak]

[-- Attachment #1: Type: text/plain, Size: 1218 bytes --]

Hi,

Have you recompiled your kernel ?


am

At 10:32 26/06/02 +0800, jesse.linux wrote:

>Date: Tue, 25 Jun 2002 08:20:43 -0700
>From: "Daniel Curry" <<mailto:dcurry@cariocas.com>dcurry@cariocas.com>
>To: "Netfilter (E-mail)" 
><<mailto:netfilter@lists.samba.org>netfilter@lists.samba.org>
>
>On fresh RH7.2 and RH7.3 installs  IPTables executables are installed,
>but will not execute.  I get Kernel errors.  Can someone please direct
>me to a listing of what steps and option I need to enable this?  I wish
>to put firewalling with NAT services on a machine running an Apache web
>server, with PHP and Perl scripts connecting to a localhosted MySQL DB,
>as well as offering sendmail, POP(S)/IMAP(S), ftp, and PPTP VPN
>services.  Or a compatible ipchains script for this would also be
>appreciated.
>
>Thanks
>
>Daniel Curry
>IT Manager
>Cariocas
>625 Second Street=20
>Suite 201
>San Francisco, CA 94107=20
>ph: 415-348-6516
>fx: 415-348-6505=20
>cell: 510-579-6680
>
>"If A equals success, then the formula is: A =3D X + Y + Z,=20
>X is work. Y is play. Z is keep your mouth shut."=20
>   - Albert Einstein
>
>maybe ipchains is your problem.....
>try to unload ipchains then execute your iptables rules......
>
>

[-- Attachment #2: Type: text/html, Size: 1579 bytes --]

Re: IPTables not available

[George Georgalis]

On Wed, Jun 26, 2002 at 10:32:02AM +0800, jesse.linux wrote:
>
>Date: Tue, 25 Jun 2002 08:20:43 -0700
>From: "Daniel Curry" <dcurry@cariocas.com>
>To: "Netfilter (E-mail)" <netfilter@lists.samba.org>
>
>On fresh RH7.2 and RH7.3 installs  IPTables executables are installed,
>but will not execute.  I get Kernel errors.  Can someone please direct
>me to a listing of what steps and option I need to enable this?  I wish
>to put firewalling with NAT services on a machine running an Apache web
>server, with PHP and Perl scripts connecting to a localhosted MySQL DB,
>as well as offering sendmail, POP(S)/IMAP(S), ftp, and PPTP VPN
>services.  Or a compatible ipchains script for this would also be
>appreciated.
>
>Thanks
>
>Daniel Curry
>IT Manager
>Cariocas
>625 Second Street=20
>Suite 201
>San Francisco, CA 94107=20
>ph: 415-348-6516
>fx: 415-348-6505=20
>cell: 510-579-6680
>
>"If A equals success, then the formula is: A =3D X + Y + Z,=20
>X is work. Y is play. Z is keep your mouth shut."=20
>  - Albert Einstein
>
>maybe ipchains is your problem.....
>try to unload ipchains then execute your iptables rules......
>

yeah, I think rh72 ships with an ipchains kernel. if you apply system
updates, the new kernel is an ipchains one. don't know about rh73, which
would be odd if it's the same reason. ...send the error?

// George

-- 
GEORGE GEORGALIS, System Admin/Architect    cell: 347-451-8229 
Security Services, Web, Mail,            mailto:george@galis.org 
File, Print, DB and DNS Servers.       http://www.galis.org/george 

RE: IPTables not available

[Benny Butler]

I have a RH 7.2 box that's running iptables and has never had the kernel
recompiled.  Check 'lsmod' and make sure that ipchains is not listed.
If it is then 'rmmod ipchains' then 'insmod ip_tables'  Actually you can
skip that last command and it will load the module for you.

Hope this helps.




-----Original Message-----
From: netfilter-admin@lists.samba.org
[mailto:netfilter-admin@lists.samba.org] On Behalf Of jesse.linux
Sent: Tuesday, June 25, 2002 9:32 PM
To: netfilter@lists.samba.org
Cc: dcurry@cariocas.com
Subject: Re: IPTables not available



Date: Tue, 25 Jun 2002 08:20:43 -0700
From: "Daniel Curry" <dcurry@cariocas.com>
To: "Netfilter (E-mail)" <netfilter@lists.samba.org>

On fresh RH7.2 and RH7.3 installs  IPTables executables are installed,
but will not execute.  I get Kernel errors.  Can someone please direct
me to a listing of what steps and option I need to enable this?  I wish
to put firewalling with NAT services on a machine running an Apache web
server, with PHP and Perl scripts connecting to a localhosted MySQL DB,
as well as offering sendmail, POP(S)/IMAP(S), ftp, and PPTP VPN
services.  Or a compatible ipchains script for this would also be
appreciated.

Thanks

Daniel Curry
IT Manager
Cariocas
625 Second Street=20
Suite 201
San Francisco, CA 94107=20
ph: 415-348-6516
fx: 415-348-6505=20
cell: 510-579-6680

"If A equals success, then the formula is: A =3D X + Y + Z,=20
X is work. Y is play. Z is keep your mouth shut."=20
  - Albert Einstein

maybe ipchains is your problem.....
try to unload ipchains then execute your iptables rules......

 

Re: IPTables not available

[Michael]

An easy way, exclusively to Redhat as root in terminal:

type    setup   , select system services scroll down, you will find (if 
bog standard RH install) both ipchains and iptables checked. Uncheck 
ipchains, and leave iptables as is.

Precautionary, do
service ipchains stop   as well...
BTW, IPtables is actually iptables , note lower case,

ipchains seems to take presedence over iptables, default RH feeble fire 
wall is ipchains based. Expect that to change !!!

Cheers,
Michael


Daniel Curry wrote:

>On fresh RH7.2 and RH7.3 installs  IPTables executables are installed,
>but will not execute.  I get Kernel errors.  Can someone please direct
>me to a listing of what steps and option I need to enable this?  I wish
>to put firewalling with NAT services on a machine running an Apache web
>server, with PHP and Perl scripts connecting to a localhosted MySQL DB,
>as well as offering sendmail, POP(S)/IMAP(S), ftp, and PPTP VPN
>services.  Or a compatible ipchains script for this would also be
>appreciated.
>

Re: IPTables not available

[Bailey Kong]

> yeah, I think rh72 ships with an ipchains kernel. if you apply system
> updates, the new kernel is an ipchains one. don't know about rh73,
> which would be odd if it's the same reason. ...send the error?

Both RH7.2 and RH7.3 ship with an iptables kernel. The reason why it
probably doesn't work for you, is simply because ipchains was loaded
alrdy.  Ipchains is RH's default firewall.  All you need to do is

chkconfig --del ipchains
so ipchains doesn't load on boot or you can delete the ipchains firewall
rm /etc/sysconfig/ipchains

then reboot
i don't think you can just do a service ipchains stop, but i could be
wrong

and then implement your iptables firewall using the iptables command

iptables -A .....

after you done with that you can save it to a file using

/etc/rc.d/init.d/iptables save or service iptables save

hope this helps
Bailey

-- 
bailey@tgpsolutions.com

Administrator, tgpsolutions
http://www.tgpsolutions.com