Been looking, and haven't found the answer: in c7, is there a firewall-cmd
command, or a systemctl cmd, to check whether ip6tables firewall is
running
mark
On 23/10/18 19:05, mark wrote:> Been looking, and haven't found the answer: in c7, is there a firewall-cmd > command, or a systemctl cmd, to check whether ip6tables firewall is > running >Yes, the same as for any other service: systemctl status ip6tables.service
On 10/23/18 11:05 AM, mark wrote:> Been looking, and haven't found the answer: in c7, is there a firewall-cmd > command, or a systemctl cmd, to check whether ip6tables firewall is > running"firewall-cmd --state" will tell you if the daemon is running. If it is, then there should be both IPv4 and IPv6 rules. You can use "ip6tables -L" to view the active rule set that firewalld has built.
On 10/23/18 11:45 AM, Phil Perry wrote:> > Yes, the same as for any other service: > systemctl status ip6tables.serviceThat will not provide useful information if the system is using firewalld, as is the default configuration.
On 10/23/18 14:45, Phil Perry wrote:> On 23/10/18 19:05, mark wrote: >> Been looking, and haven't found the answer: in c7, is there a firewall-cmd >> command, or a systemctl cmd, to check whether ip6tables firewall is >> running > > Yes, the same as for any other service: > > systemctl status ip6tables.service >Um, no. I've discovered that on our boxen we have ip6tables running - I can do ip6tables-save and see them, but ip6tables.service, which comes, I find, as part of iptables-services, is *not* installed. Working around it. mark