Re: [SLUG] stoping/restarting ipchains firewall: OK from remote access ?
On 08/13/04 00:43, Voytek wrote: Peter Hardy said: The at(1) program is your best friend when doing remote firewall admin. Peter, another dumb question: what is the significance of the (1) ? It's a reference to the man system of manual pages. (1) means it's in section 1 of the manual (executable programs or shell commands). It's a reasonable way to, for eg, differentiate between crontab(1) the program for editing cron files, and crontab(5), which describes the cron file format. You'd run "man 1 crontab" and "man 5 crontab" to access those pages respectively. The manual section is also displayed in the output from apropos. -- Pete -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] stoping/restarting ipchains firewall: OK from remote access ?
Peter Hardy said: > The at(1) program is your best friend when doing remote firewall admin. Peter, another dumb question: what is the significance of the (1) ? -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] stoping/restarting ipchains firewall: OK from remote access ?
On 08/12/04 22:48, Voytek wrote: to test whether it's my own ipchains blocking it, can I just do this over ssh: service ipchains stop [try accessing] service ipchains start as the machine is remote to me, and, I'd rather not upset it, is issueing 'service ipchains stop / service ipchains start' OK to do over shh, or, can I screw something up ? The at(1) program is your best friend when doing remote firewall admin. It's a command scheduler - kind of like a cron job that only gets executed once. Check out the man page, yo. :-) To make sure you don't get locked out of your firewall completely, you could do something like: # at now + 5 minutes at> service ipchains start at> ^D (ctrl+d) Then stop the firewall and do the testing you need to. In the worst case (you lose ssh access), you only have to twiddly your thumbs for a few minutes until at kicks in and restarts the firewall for you. Always remember to use atrm to remove your pending at job when you've finished testing. -- Pete -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] stoping/restarting ipchains firewall: OK from remote access ?
Jan Schmidt said: > > It depends entirely on the changes that you've made - it's entirely > possible > for you to lock yourself out of ssh access to the machine, in which case > you'll have to get to the console to fix it. Jan, I was not going to alter any config at this time, simply shut down, try something, start again with same config anyhow, I've decided not to try it (till later) -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] stoping/restarting ipchains firewall: OK from remote access ?
> to test whether it's my own ipchains blocking it, can I just do this over > ssh: > > service ipchains stop > [try accessing] > service ipchains start > > as the machine is remote to me, and, I'd rather not upset it, > is issueing 'service ipchains stop / service ipchains start' > OK to do over shh, or, can I screw something up ? It depends entirely on the changes that you've made - it's entirely possible for you to lock yourself out of ssh access to the machine, in which case you'll have to get to the console to fix it. J. -- Jan Schmidt [EMAIL PROTECTED] "Karaoke bars combine two of the nation's greatest evils: people who shouldn't drink with people who shouldn't sing." -Tom Dreesen -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] stoping/restarting ipchains firewall: OK from remote access ?
when I originally installed the RH73, I configured the install-time firewall setting to only allow httpd, mysql, ssh, and the like (more or less what was the defualt with adding/allowing mysql and something else) now, I'd like to try running a httpd-type service on 8080 it's working on the machine OK, but, I can not get it to my remote location, it's either blocked by my machine's own config, or, external firewall, not sure to test whether it's my own ipchains blocking it, can I just do this over ssh: service ipchains stop [try accessing] service ipchains start as the machine is remote to me, and, I'd rather not upset it, is issueing 'service ipchains stop / service ipchains start' OK to do over shh, or, can I screw something up ? -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
