Linux Redhat 7.3
Michael H. Warfield
mhw at wittsend.com
Sun Jun 9 23:07:21 UTC 2002
On Sun, Jun 09, 2002 at 01:46:08PM +1000, Skeeve Stevens wrote:
> Actually... Redhat installs with iptables.
Actually, it installs both. If you accept the default security
settings, you end up with the ipchains firewall module loaded and
ipchains used to configure you firewall. OK... It's the "ipchains
compatibility module" from netfilter but you can't run "iptables"
as it is configured. Simple check... If the file /etc/sysconfig/ipchains
exists, you are running the ipchains module from netfilter and not
the iptables modules. You will find that both iptables and ipchains
have been installed. You just have to blow away the ipchains file
in /etc/sysconfig and unload the ipchains module. Then you can load
the appropriate iptables modules and configure iptables. If you
don't unload the ipchains module, iptables will bitch that it is incompatible
with the running kernel.
Personally, IMNSHO, the default choice was STUPID. Ipchains in
the 2.4.x kernels has some annoying bugs when playing with iproute
and policy routing that can only be solved by going to iptables. I
know of no reason (other than upgrades) to NOT use iptables. So
why did they even bother with an ipchains mode?
> > -----Original Message-----
> > From: bind-users-bounce at isc.org
> > [mailto:bind-users-bounce at isc.org] On Behalf Of Michael H. Warfield
> > Sent: Sunday, June 09, 2002 2:15 AM
> > To: Phil Collins
> > Cc: comp-protocols-dns-bind at isc.org
> > Subject: Re: Linux Redhat 7.3
> > On Thu, Jun 06, 2002 at 01:31:19PM -0700, Phil Collins wrote:
> > > I have just installed Linux Redhat 7.3 and have installed
> > BIND 9.XX.XX
> > > I have inserted some A records and it works fine when I query them
> > > locally.
> > > But if I try to query the BIND DNS Server from an external
> > machine on
> > > the network it will not respond or answer ....... Is there something
> > > simple I have not done.
> > Sounds like your firewall rules. RedHat 7.3 installs with
> > ipchains and you will have to enable that service by allowing it
> > through the firewall.
> > > Any help would be really appreciated.
> > > P Collins
> > Mike
> > --
> > Michael H. Warfield | (770) 985-6132 | mhw at WittsEnd.com
> > /\/\|=mhw=|\/\/ | (678) 463-0932 |
> > http://www.wittsend.com/mhw/
> > NIC whois: MHW9 | An
> > optimist believes we live in the best of all
> > PGP Key: 0xDF1DD471 | possible worlds. A pessimist is
> > sure of it!
Michael H. Warfield | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
More information about the bind-users