I can't even start up iptables as the previous admin hardened it
(but not sure how / where he hardened it).

So despite that I do service iptables start, "service iptables status"
still shows "Firewall is stopped".

Now, can I use /etc/hosts.deny instead? Do I need to do "pkill -HUP tcpd"
or "service xinetd restart" - which of the two commands should I execute &
what's the syntax in /etc/hosts.deny?

Thanks

On Fri, Sep 18, 2009 at 11:38 AM, Ian Hayes <[email protected]> wrote:

> [r...@cthulhu ~]# iptables -L --line-numbers
> Chain INPUT (policy ACCEPT)
> num  target     prot opt source               destination
> 1    DROP       all  --  10.5.5.5             anywhere
> 2    DROP       all  --  10.5.5.6             anywhere
> 3    DROP       all  --  10.5.5.7             anywhere
>
> Find the rule number that matches the one you want to delete. Say you want
> to delete #2 from the INPUT table.
>
> [r...@cthulhu ~]# iptables -D INPUT 2
> [r...@cthulhu ~]# iptables -L --line-numbers
> Chain INPUT (policy ACCEPT)
> num  target     prot opt source               destination
> 1    DROP       all  --  10.5.5.5             anywhere
> 2    DROP       all  --  10.5.5.7             anywhere
>
> Or you can do iptables -F which will basically drop all your iptables. Make
> sure you've saved recently before you do that.
>
> On Thu, Sep 17, 2009 at 8:22 PM, sunhux G <[email protected]> wrote:
>
>> Thanks Ian.
>>
>> So I issue this command on both cluster nodes and it will also
>> stop access to the virtual cluster address?
>>
>> What's the command to reverse / remove
>> " iptables -A INPUT -s 10.5.5.25 -j DROP " ?
>> Just in case there's a problem, I'll need to reverse.
>>
>> Thanks
>> U
>>
>> On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes <[email protected]> wrote:
>>
>>> iptables -A INPUT -s 10.5.5.25 -j DROP
>>>
>>> On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <[email protected]> wrote:
>>>
>>>> Hi,
>>>>
>>>> I have a RHEL 5.1 cluster that's constantly being accessed by an
>>>> application from a Windows server application via sqlnet (i.e. TCP
>>>> port 1521) which caused a specific Oracle accounts to be locked.
>>>>
>>>> The owner of the Windows box does not know why the Filenet
>>>> application is doing this so while she's doing the research which
>>>> configuration in Filenet needs to be fixed to stop this, we need an
>>>> interim measure to block this Windows server's access to the cluster.
>>>>
>>>> Thus I would like to set up iptables / firewall on this Linux box to
>>>> stop the sqlnet access. Can someone provide me some example
>>>> commands / syntax?
>>>>
>>>> Source IP address             : 10.5.5.25 (Windows server)
>>>> TCP port                      : 1521
>>>> My Linux boxes IP address     : 10.5.5.46 / .47
>>>> My Linux cluster virtual addr : 10.5.5.45
>>>>
>>>> In fact I would like to block on all ports on the Linux cluster to stop
>>>> this Windows server from accessing it. So what are the exact commands
>>>> I should issue on each of the Linux boxes? Would iptables also block
>>>> the Windows server from accessing the cluster virtual IP addr?
>>>>
>>>> Thanks
>>>> U
>>>>
>>>> --
>>>> Linux-cluster mailing list
>>>> [email protected]
>>>> https://www.redhat.com/mailman/listinfo/linux-cluster
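
Added example (not part of the original thread): Ian's listing shows rule 3 becoming rule 2 after "iptables -D INPUT 2", so removing several rules by number has to work from the highest number down. The sketch below parses a constructed "iptables -L INPUT -n --line-numbers" listing (the -n flag, the sample rows and the function names are assumptions of this example) and prints the delete commands for one exact source address.

```shell
#!/bin/sh
# Constructed sample of `iptables -L INPUT -n --line-numbers` output.
# It is not taken from a live host; 10.5.5.250 is there to show exact matching.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  10.5.5.5             0.0.0.0/0
2    DROP       all  --  10.5.5.25            0.0.0.0/0
3    DROP       all  --  10.5.5.250           0.0.0.0/0
4    DROP       all  --  10.5.5.25            0.0.0.0/0
EOF
}

# rule_numbers SRC: read a listing on stdin and print the numbers of the DROP
# rules whose source column equals SRC exactly, highest number first.
# A substring match (grep 10.5.5.25) would also hit 10.5.5.250.
rule_numbers() {
    awk -v src="$1" '
        $1 ~ /^[0-9]+$/ && $2 == "DROP" && $5 == src { print $1 }
    ' | sort -rn
}

# delete_commands CHAIN SRC: turn the matches into `iptables -D` commands.
# Highest number first, because each delete renumbers the rules below it.
delete_commands() {
    chain=$1
    src=$2
    rule_numbers "$src" | while read -r n; do
        printf 'iptables -D %s %s\n' "$chain" "$n"
    done
}

# Print the commands for review instead of executing them.
sample_listing | delete_commands INPUT 10.5.5.25
```

iptables -D also accepts the same rule specification that was given to -A (here: iptables -D INPUT -s 10.5.5.25 -j DROP), which removes one matching rule without relying on line numbers.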
