Displaying 20 results from an estimated 68 matches for "securitylevel".
2007 May 04
0
puppet vs rhel4 system-config-securitylevel
Hey every one,
Over the past week I have been exploring puppet and had been ignoring
an oddity in its output that Luke helped me figure out today.
It all started with trying to configure puppet to configure iptables
using redhats utility system-config-securitylevel-tui on rhel4. I was
able to get it up and running using the following configuration:
node default{
firewall {rhel4:
ports => [ "22:tcp", # ssh
"8139:tcp", # puppetd
]
}tables using redhats utility
}
define firewall($...
2005 Oct 30
3
blocking outgoing ports with iptables
Hi,
I'm using the generic system-config-securitylevel-tui program on a
remote server to configure my firewall. So far it's been fairly decent,
allowing me to open up ports and whatnot. But I want to start blocking
a couple of outgoing ports on my machine. I want to lock it down so the
only traffic going in our out of my machine is stuff tha...
2005 Apr 11
3
Default Firewall Entries
Hello CentOS,
I'm curious... there seems to be a couple of default firewall rules
that I'm not familiar with in the CentOS 4.0
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-...
2005 Nov 06
2
Hi Ignacio
Hi Ignacio,
apology for my English...
my name is George Ginis...
what you mean running/accessible via firewall and system-config-securitylevel? in XP or CentOS? and what is this?
the PuTTY I have in XP or in CentOS?
thank for your answer...
By default CentOS doesn't have ftp, telnet, nor rlogin services
running/accessible via firewall.
Use an ssh client such as PuTTY.
And don't forget to use system-config-securitylevel to open...
2009 Dec 28
2
NFS problem
I'm trying to NFS-mount a CentOS directory on my Fedora laptop,
but I find I can only do this is I turn off the firewall
on the CentOS server.
If instead I go to system-config-securitylevel-tui on the server,
and allow NFS4, this does not do the trick.
Nor does allowing port 2049.
What do I need to allow?
[I should say that the CentOS server is remote,
and difficult to access directly;
that is why I used system-config-securitylevel-tui,
rather than system-config-securitylevel .]
-...
2011 Dec 05
3
How to preserve iptables when running the GUI tool ?
Hello
I have set up NAT with iptables for an openvpn connection, so that the
VPN server could give VPN clients access to the entire sub-net of the
server.
The probelm is if I start system-config-securitylevel to say disable the
firewall, and then again to enable it, my iptable rules are gone !
I did run `service iptables save` before.
Is there something I can do to prevent this ? Is there a gui interface
to enable NAT over a VPN connection that cooperates with
system-config-network ?
Thank you,
Ti...
2008 Mar 14
3
Open extra ports on firewall?
Hi,
I'm using the preconfigured firewall that comes with CentOS 5. I
configure it with system-config-securitylevel-tui, close all ports
except SSH, and then open only the ones I need.
Right now, on one of my desktops, I've installed AMSN, which requires
opening a series of ports. I've configured the app to use ports 7000 to
7010 (TCP and UDP). When running system-config-securitylevel-tui, the
last...
2010 Feb 18
1
Broken links in 5.2 deployment guide
Hi,
When browsing the (excellent) deployment guide I found the following
broken links:
http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-basic-firewall-securitylevel-enable.html
('Next' link from
http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-basic-firewall-securitylevel.html)
http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-iptables-options-commands.html
('Next' link from
http://www.centos.org/docs/5/html/5.2/Deployment_Gui...
2008 Feb 26
1
/etc/sysconfig/iptables on a stock CentOS 5 install
...o
my /etc/sysconfig/iptables file is pretty standard/straightforward.
my question is: how is this config file initially generated? i'd
like to
re-create it, and add a couple of rules .... so i don't want to lose
what's
in there already.
i see that my /etc/sysconfig/system-config-securitylevel has three
entries,
which explains how the port 80 and 22 rules get into the config:
--enabled
--port=22:tcp
--port=80:tcp
... and i see the basic /etc/sysconfig/iptables-config file, but i'm
unclear
as to how the rest of the stuff gets in there: e.g.:
# Firewall configuration writte...
2007 Mar 26
2
Question about rebooting and iptables rules persisting
So I use Samba on my home network. I open the samba ports in the GUI tool
for CentOS 4. Here is the problem. Every time I reboot I'm forced to run
system-config-securitylevel to get firewall ports open again. So like if I
reboot samba won't work. I go into that tool either via command line or
via the GUI and I simply click "ok" and samba is suddenly open.
Does anyone know what is happening? I've tried iptables -save or whatever.
Nothing seems to work...
2008 Jul 10
3
Understanding iptables
In following up on the rsh "problem" I was having earlier, I decided
to try out the suggestion Felipe sent about using
system-config-securitylevel-tui to open up ports 513 and 514, but that
doesn't seem to do the job, either.
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source...
2008 Jul 02
3
Want to _prevent_ upgrade to centos 5.2
...has resulted in yum
geting repo information for packages with versions that only exist in
the base repository of centos 5.2.
The following snippet shows the beginning of yum update on a x86_64
server. It has noticed python-2.4.3-21.el5.x86_64,
ltrace-0.5-7.45svn.el5.x86_64 and system-config-securitylevel-tui.x86_64
0:1.6.29.1-2.1.el5 which are a CentOs 5.2 package. On a workstation yum
update resulted in upgrade of firefox from 1.5 to 3.0-0 beta5.
Can I stop this from happening? Ideally I would like to stay on a
particulare version of CentOS eg 5.2 until we can do a controlled
upgrade. Mayb...
2006 Sep 30
2
firewall issue
.../sysconfig/iptables are the lines:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2049
-j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 2049
-j ACCEPT
and there are not any deny lines above these. I think those lines were
added when I ran system-config-securitylevel-tui. Those are the only
lines that I can find that mention port 2049 or nfs.
Those lines look to me like they are for accepting incoming connections
only. Is that correct?
What do I need to do so that I can do the nfs export out of this box?
--
Doug
Registered Linux User #285548 (http://counter....
2011 May 17
3
Why is iptables configured to accept packets on ports 50 and 51?
[root at hwdltsaloli ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-...
2006 Feb 24
1
How-To for FC4/Samba
Can someone point me to a step-by-step on samba w/FC4? Honestly, I'm only
trying a basic share, no rocket science. I've already a samba server on RH9
with the same clients and users trying to access a share on FC4. Logs and
testparm returns everything fine. Had SELINUX on and off. Cannot browse even
home directories.
Thanks,
exasperated
2007 Apr 12
3
CentOS Firewall configuration
Hello,
When i did the basic CentOS install i selected incoming ssh, ftp, www,
and smtp in the configuration dialog. Now my needs have changed and i'd like
to add to those rules with samba, this box runs it, and bacula the client. I
was wondering a howto on what to put, i know the ports i need, or a web
configuration util?
Thanks.
Dave.
2014 Oct 13
0
Recommended way of handling iptables firewall in CentOS?
Hi,
I'm planning to use CentOS 6.x on a handful of LAN servers. So far I've
been using Slackware64 14.0 and 14.1 for the job.
I wonder what's the orthodox/recommended way of configuring and iptables
firewall with CentOS. I understand there's the
system-config-securitylevel-tui NCurses interface which allows defining
a basic set of rules. But what about the handful of more advanced rules
I have to configure?
Here's an example of an /etc/rc.d/rc.firewall script that I might use
with Slackware. It contains mostly basic rules, and a couple of more
advanced rules...
2011 Mar 19
2
httpd cannot serve web page on port 2812 (for Monit)
...sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/sshd start"
stop program "/etc/init.d/sshd stop"
if failed port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout
(I also enabled the 2812 port using CentOS's
"system-config-securitylevel" command, which added the right IPtables
entries, which I see okay on "iptables -L")
--
Also on LinkedIn?? Feel free to connect if you too are an open
networker: scubacuda at gmail.com
2009 Oct 31
3
Inquiry:iptables ?
iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 5901 -j ACCEPT
I'm going strictly off memoy here so you may need to man iptables. :)
hadi motamedi <motamedi24 at gmail.com> wrote:
>Dear All
>To open a port , I know that I need to go to "System -> Administration ->
>Security Level and Firewall" -> Other ports and then I can open port-5901 as
>tcp
2009 Mar 01
2
Fail2Ban
Hi all,
I am trying to get fail2ban going on my server and its log message
reports the following error
2009-02-16 17:42:05,339 ERROR: 'iptables -L INPUT | grep -q
fail2ban-SSH' returned 256
2009-02-16 17:42:05,354 ERROR: 'iptables -D INPUT -p tcp --dport ssh
-j fail2ban-SSH
Is this because of the way the RedHat tool sets up the firewall?
Thanks for any responses.
--
"The