Koozali.org: home of the SME Server

iptables service SME 7.0 beta 2

Skydiver

iptables service SME 7.0 beta 2
« on: August 31, 2005, 08:33:01 AM »
Hi, I'm testing the SME 7.0 beta 2.

I'm trying to test some firewall items.

Normally, I'm sure, with iptables you just use the command:

service iptables stop/start etc...

Does anyone know if this has changed in the new release?

CharlieBrady

Re: iptables service SME 7.0 beta 2
« Reply #1 on: August 31, 2005, 06:11:13 PM »
Quote from: "Skydiver"
Hi, I'm testing the SME 7.0 beta 2.

I'm trying to test some firewall items.

Normally, I'm sure, with iptables you just use the command:

service iptables stop/start etc...

Does anyone know if this has changed in the new release?


The firewall service is called "masq", as it always has been in SME. The use of the "service" command has always been deprecated in SME. Use the /etc/rc7.d/ symlink instead, e.g.

/etc/rc7.d/S*masq start

Skydiver

Re: iptables service SME 7.0 beta 2
« Reply #2 on: August 31, 2005, 10:00:24 PM »
Thanks CharlieBrady

I must have been thinking about 6.5.

I am looking at the server-manager and I note the port forwarding menu item. My tests show that this works in server/gateway mode.

Is there the ability to open ports from the server manager?

Skydiver

firewall rules
« Reply #3 on: August 31, 2005, 10:59:59 PM »
OK, found posts relating to the firewall.

Seems no easy way to update the rules.

Should I be editing the masq file and adding them there, or would placing the rules in /etc/rc.d/rc.local work the same way?

CharlieBrady

Re: iptables service SME 7.0 beta 2
« Reply #4 on: August 31, 2005, 11:32:47 PM »
Quote from: "Skydiver"

I must have been thinking about 6.5.


No, that's no different.

Quote

Is there the ability to open ports from the server manager?


This has been answered here many times. There is a contrib panel available, but it doesn't work for many, because they do not understand why they are trying to open ports. Ports only need to be opened if you have added a service to the server itself. Those services should be configured by their own e-smith-blah package, and that package will provide a template fragment for the masq script which opens any ports which need to be opened, for a public service.

In 7.0, all you need to do to open a port is to create a service db record:

config set blah service status enabled access public TCPPort nnn

then:

expand-template /etc/rc.d/init.d/masq
/etc/rc.d/init.d/masq adjust

Voila!
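
An added example (not part of the original posts, and not SME Server code): a shell function that reads configuration records on stdin and lists the services that are enabled, public and carry a TCPPort, the three properties set in the command above, so the exposed ports can be reviewed before the masq adjust step. It assumes records in the form `key=type|prop|value|...`, a layout the thread does not show; the sample records are constructed.

```shell
#!/bin/sh
# list_public_services: print "name port" for every service record on stdin
# that is enabled, public and has a TCPPort.
# Assumed record layout (not shown in the thread): key=type|prop|value|prop|value...
list_public_services() {
    awk -F'|' '
    {
        # Split "key=type" out of the first field.
        eq = index($1, "=")
        if (eq == 0) next
        key  = substr($1, 1, eq - 1)
        type = substr($1, eq + 1)
        if (type != "service") next

        # Properties arrive as prop/value pairs, in any order.
        status = ""; access = ""; port = ""
        for (i = 2; i < NF; i += 2) {
            if ($i == "status")  status = $(i + 1)
            if ($i == "access")  access = $(i + 1)
            if ($i == "TCPPort") port   = $(i + 1)
        }
        if (status == "enabled" && access == "public" && port != "")
            print key, port
    }' | sort
}

# Constructed sample records; names and port numbers are placeholders.
sample_db() {
    cat <<'EOF'
blah=service|TCPPort|8080|access|public|status|enabled
intranet=service|TCPPort|8443|access|private|status|enabled
oldapp=service|TCPPort|2222|access|public|status|disabled
nightly=service|status|enabled
DomainName=example.test
EOF
}

# Only "blah" is enabled, public and has a port.
sample_db | list_public_services
```

Any record in the output that you did not intend to publish is a candidate for `access private` or `status disabled`.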

Skydiver

Firewall 7.0
« Reply #5 on: September 01, 2005, 12:06:29 AM »
Thanks for clearing that all up for me.


I will use the information you provided and complete some testing.

 
I have tested password access to ibays both from the internet and local networks.

Many of the server manager features in the default install have now been tested and no errors noted yet.