Please tolerate this post intended for the livecd-creator list. They are bouncing me now days. Maybe its time I changed deodorant? I dunno ...
I am desperate!
---
livecd-tools-15.7-1.fc15.x86_64
Kickstarts all contain:
firewall --disabled selinux --disabled
I even went as far as this:
%packages --- [stuff deleted] --- -system-config-firewall*
and
%post --- [stuff deleted] --- /sbin/chkconfig iptables off /sbin/chkconfig ip6tables off echo '#' > /etc/sysconfig/iptables echo '#' > /etc/sysconfig/ip6tables echo '#' > /etc/sysconfig/iptables-config echo '#' > /etc/sysconfig/ip6tables-config echo "#\n--disabled" > /etc/sysconfig/system-config-firewall %end
What happens is that /etc/sysconfig/iptables, /etc/sysconfig/iptables, and /etc/sysconfig/system-config-firewall ALWAYS get recreated AFTER %post runs!
That causes the iptables kernel modules to load, and filtering started, even though iptables is actually configured for off and does not start.
What is doing that? I cannot find it.
Any help is appreciated.
Thanks!
On Fri, Aug 26, 2011 at 5:14 PM, Phil Meyer pmeyer@themeyerfarm.com wrote:
Please tolerate this post intended for the livecd-creator list. They are bouncing me now days. Maybe its time I changed deodorant? I dunno ...
I am desperate!
livecd-tools-15.7-1.fc15.x86_64
Kickstarts all contain:
firewall --disabled selinux --disabled
I even went as far as this:
%packages
[stuff deleted]
-system-config-firewall*
and
%post
[stuff deleted]
/sbin/chkconfig iptables off /sbin/chkconfig ip6tables off echo '#' > /etc/sysconfig/iptables echo '#' > /etc/sysconfig/ip6tables echo '#' > /etc/sysconfig/iptables-config echo '#' > /etc/sysconfig/ip6tables-config echo "#\n--disabled" > /etc/sysconfig/system-config-firewall %end
Could you use service iptables stop and service ip6tables stop ?
You could also use chkconfig to deactivate the firewalls
--aneiros
What happens is that /etc/sysconfig/iptables, /etc/sysconfig/iptables,
and /etc/sysconfig/system-config-firewall ALWAYS get recreated AFTER %post runs!
That causes the iptables kernel modules to load, and filtering started, even though iptables is actually configured for off and does not start.
What is doing that? I cannot find it.
Any help is appreciated.
Thanks!
users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
On 08/26/2011 11:14 PM, Phil Meyer wrote:
Please tolerate this post intended for the livecd-creator list. They are bouncing me now days. Maybe its time I changed deodorant? I dunno ...
I am desperate!
livecd-tools-15.7-1.fc15.x86_64
Kickstarts all contain:
firewall --disabled selinux --disabled
I even went as far as this:
%packages
[stuff deleted]
-system-config-firewall*
and
%post
[stuff deleted]
/sbin/chkconfig iptables off /sbin/chkconfig ip6tables off echo '#'> /etc/sysconfig/iptables echo '#'> /etc/sysconfig/ip6tables echo '#'> /etc/sysconfig/iptables-config echo '#'> /etc/sysconfig/ip6tables-config echo "#\n--disabled"> /etc/sysconfig/system-config-firewall %end
There is no need to modify /etc/sysconfig/iptables-config and /etc/sysconfig/ip6tables-config.
Just remove /etc/sysconfig/iptables and /etc/sysconfig/ip6tables, then the iptables and ip6tables services will not start.
echo -e "#\n--disabled"> /etc/sysconfig/system-config-firewall ^^ Otherwise this is a comment and will be ignored. You could also just drop "#\n".
What happens is that /etc/sysconfig/iptables, /etc/sysconfig/iptables, and /etc/sysconfig/system-config-firewall ALWAYS get recreated AFTER %post runs!
This should not happpen.
Please the contents of the files.
Is system-config-firewall-base installed?
That causes the iptables kernel modules to load, and filtering started, even though iptables is actually configured for off and does not start.
What is doing that? I cannot find it.
Any help is appreciated.
Which modules are loaded?
Thanks!
Thomas
-
j.e.aneiros -
Phil Meyer -
Thomas Woerner