On Tue, 29 Oct 2002, Jack Bowling wrote:

> On Tue, Oct 29, 2002 at 12:30:21PM -0500, Robert P. J. Day wrote:
> > 
> > to switch from ipchains to iptables:
> > 
> >   # chkconfig --level 0123456 ipchains off  (turn off auto start)
> >   # service ipchains stop                   (stop ipchains)
> >   # rmmod ipchains                          (unload the module)
> >   # rpm -e ipchains                         (if you're SURE :-)
> > 
> >   # insmod ip_tables                        (insmod or modprobe?)
> >   # chkconfig iptables on                   (auto start)
> >   # service iptables start                  (fire it up)
> >   # iptables -L                             (verify with listing)
> > 
> > comments?
> 
> Just one comment: under no circumstances should a user take down one
> firewall and put another in place until the user is familiar with the
> replacement firewall rules. This may require some study, but a firewall
> is such a critical line of defence that IMHO it behooves the user to
> bone up on it.

i'm assuming that this refers to my "rpm -e ipchains" line?  yes,
more than one person has pointed out that that's just a wee bit
dangerous, but in my defense, i did say "if you're SURE".  but
never mind, i'm dropping that line.  better safe than sorry.

rday

p.s.  i've also replaced rmmod and insmod with "modprobe".



