From: Greg Ercolano <erco@(email surpressed)> Subject: [Q+A] How to disable a linux firewall Date: Thu, 11 Aug 2005 11:44:25 -0700 |
Msg# 1004 View Complete Thread (1 article) | All Threads Last Next |
> By default, someone apparently setup one of our linux machines > with the firewall enabled, causing rush to only see itself and > the license server. > > How do we disable the linux firewall? With the newer versions of Redhat/Fedora Linux, there is usually a service started on boot called 'iptables', which you can disable to disable the firewall. CHECKING IF THE LINUX FIREWALL IS ENABLED (redhat9, fedora core, RHE..) ----------------------------------------------------------------------- You can check to see if a linux firewall is enabled using 'chkconfig --list': chkconfig --list | grep iptables iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off ^^^^ ^^^^ ^^^^ ^^^^ ..which shows the firewall is on. When you turn it off, all those entries change to off. DISABLING THE LINUX FIREWALL ---------------------------- To turn it off, just run (as root): chkconfig iptables off reboot The 'reboot' is necessary to make the change take effect, so on next boot, the ip firewalling service is not started. Or, if you want to leave the firewall on, but allow rush's connections to work, then be sure to open port 696 for udp and tcp with whatever rules you want to use. TCP VERIFICATION ---------------- The best way to verify if a machine can see all the other machines via TCP through rush is to use: rush -ping +any -t 3 ..all machines should show a report. UDP VERIFICATION ---------------- To test UDP through rush, you can either just invoke 'rushtop'; all machines that show up in rushtop are working. Or, from the command line, you could use: rush -dlogstats +any ..all machines should show a report. |