Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to install iptables on Red Hat. The editor thinks it is very practical, so I share it with you for reference. I hope you can get something after reading this article.

Installation of iptables on Red Hat:

Red Hat 7.1 uses a 2.4.x kernel and supports Netfilter and iptables. Red Hat contains all the basic programs and required configuration files, but the default is B class=COMMAND > ipchains. "Why iptables doesn't work" is the most common question, so let's talk about how to turn off ipchains and start iptables.

The pre-installed iptables version of Red Hat 7.1is a bit old. Before using it, you may want to install a new one and compile the kernel yourself.

We need to close ipchains first and don't want it to run again. To do this, we need to change some file names under the directory / etc/rc.d/. Complete with the following command:

Chkconfig-level 0123456 ipchains off

This command renames all soft connections pointing to / etc/rc.d/init.d/ipchains to K92ipchains. Starting with S indicates that this script will be run by the initialization script at startup. When it is changed to the beginning of K, it means that the service is terminated, or it will no longer run at startup. In this way, ipchains will no longer be turned on and will run.

To stop a running service, use the service command. The command to terminate the ipchains service is:

Service ipchains stop

Now we can start the iptables service. First of all, to determine which runtime layer to run on, usually 2Jing 3 and 5, these layers have different uses:

two。 A multi-user environment without NFS differs from layer 3 only in that it does not have network support.

3. A multi-user environment is the layer we use for general purposes.

5. X11, graphical interface.

Use the following command to enable iptables to run at these layers:

Chkconfig-level 235 iptables on

You can also use this command to enable iptables to run on other layers. But this is not necessary, because layer 1 is in single-user mode, which is generally used for maintenance, layer 4 is not used, and layer 6 is used to turn off the computer.

Start iptables to:

Service iptables start

There are no rules defined in the script iptables. There are two ways to add rules in Red Hat 7.1.The * method is to edit / etc/rc.d/init.d/iptables. Note that existing rules may be deleted when upgrading iptables with RPM. Another way is to load the rules first, then save the rules to a file with the command iptables-save, and then load them automatically by the script (/ etc/rc.d/init.d/iptables) in the directory rc.d.

Let's first show how to use the cut-and-paste Dafa setting / etc/rc.d/init.d/iptables. In order to load the rules when the computer starts iptables, you can put the rules in the "start)" section or in the function start (). Note: if you put the rules in the "start) section, do not run start () in the" start) section, and edit the "stop)" section so that the script knows how to handle it when shutting down or entering a layer that does not require iptables. You should also check the settings for the "restart" and "condrestart" sections. It is important to note that the changes we make may be deleted when upgrading iptables, whether it is automatically upgraded through the Red Hat network or with RPM.

Here's the second method: write a script for the rule first, or generate the rule directly with the iptables command. Rules to suit your needs, do not forget to experiment to see if there is a problem, after confirming that normal, use the command iptables-save to save the rules. Generally use iptables-save > / etc/sysconfig/iptables to generate the file / etc/sysconfig/iptables to save the rules, or you can use service iptables save, which can automatically save the rules in / etc/sysconfig/iptables. When the computer starts, the script under rc.d invokes the file with the command iptables-restore, which automatically restores the rules.

Do not mix the above two methods, lest the rules defined by different methods affect each other, or even invalidate the setting of the firewall.

At this point, you can delete the pre-installed ipchains and iptables, which avoids conflicts between the old and new versions of iptables. In fact, you only need to do this when you install it from the original code. In general, however, there is no problem of interaction, because rpm-based packages do not use the default directory of the original code. Delete with the following command:

Rpm-e iptables

Why keep it when you don't use ipchains? Delete it! The command is as follows:

Rpm-e ipchains

After suffering, victory finally arrived. You can already install iptables under RED HAT from the source code.

This is the end of this article on "how to install iptables on Red Hat". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it out for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.