Stopping iptables from starting during bootup using chkconfig would normally solve your problem; however, since you mentioned that you had some "Cyber Security" people work on your server, it's possible that iptables is configured to start using a non-standard method. Adding commands to the file /etc/rc.local is one such method. Any commands in the file are executed during bootup, so it's possible the iptables commands are in there.

You can try searching through all of your system's initialization scripts for iptables commands using:

    $ sudo grep -r iptables /etc/rc*

Or even one level higher:

    $ sudo grep -r iptables /etc*

If you can't find where the ruleset is being loaded from, you can look at the system's default ruleset /etc/sysconfig/iptables and compare it to the loaded rules using:

    $ sudo iptables -vnL

If the rules in the file are the rules that are loaded upon reboot, then configure your ruleset how you want it and overwrite the file using iptables-save as root:

    # iptables-save > /etc/sysconfig/iptables

That won't completely solve your problem but it will give you more control in the meantime.

    service iptables status
    Firewall is stopped.

Start the iptables firewall as shown below.

    service iptables start
    Applying iptables firewall rules: OK
    Loading additional iptables modules: ip_conntrack_netbios_n OK

You can see the default rules under: iptables -> Filter Table -> RH-Firewall-1-INPUT Chain, as shown below.
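An added example, not part of the original post: shell helpers for the two checks described above, locating iptables calls in boot scripts and comparing the saved ruleset with the loaded one. It takes the loaded side from iptables-save (same format as /etc/sysconfig/iptables) rather than from iptables -vnL; the function names and all sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and all sample data are constructed.

# Drop what legitimately differs between two iptables-save dumps:
# comment/timestamp lines and [packets:bytes] counters.
normalize_rules() {
    sed -e '/^#/d' -e 's/\[[0-9][0-9]*:[0-9][0-9]*\]//' \
        -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d' "$1"
}

# Exit 0 if both dumps hold the same rules, 1 on drift (diff on stdout).
ruleset_drift() {
    a=$(mktemp) && b=$(mktemp) || return 2
    normalize_rules "$1" > "$a"
    normalize_rules "$2" > "$b"
    rc=0
    diff "$a" "$b" || rc=$?
    rm -f "$a" "$b"
    return "$rc"
}

# List iptables invocations under the given paths, skipping comment lines.
find_iptables_calls() {
    grep -rnHE '(^|[^[:alnum:]_-])iptables(-restore)?([[:space:]]|$)' "$@" \
        2>/dev/null | grep -vE '^[^:]+:[0-9]+:[[:space:]]*#' || true
}

# Constructed sample data: a saved ruleset, a loaded ruleset that gained one
# rule, and an rc.local that adds that rule at boot.
make_samples() {
    mkdir -p "$1/rc.d"
    printf '%s\n' '# Generated by iptables-save' '*filter' \
        ':INPUT DROP [0:0]' '-A INPUT -p tcp --dport 22 -j ACCEPT' \
        'COMMIT' > "$1/saved"
    printf '%s\n' '# Generated by iptables-save' '*filter' \
        ':INPUT DROP [812:53110]' '-A INPUT -p tcp --dport 22 -j ACCEPT' \
        '-A INPUT -p tcp --dport 8080 -j ACCEPT' 'COMMIT' > "$1/loaded"
    printf '%s\n' '#!/bin/sh' '# iptables -F (disabled)' \
        '/sbin/iptables -A INPUT -p tcp --dport 8080 -j ACCEPT' \
        > "$1/rc.d/rc.local"
}

# Real use, as root:
#   iptables-save > /tmp/loaded; ruleset_drift /etc/sysconfig/iptables /tmp/loaded
#   find_iptables_calls /etc/rc*
```

A rule that shows up in the drift output but not in /etc/sysconfig/iptables is the one to look for in the find_iptables_calls results.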