[luau] turning off radhat services

[Ho'ala Greevy]

According to the RHCE course I took last October, here is a clarification
on the ipchains and iptables daemons located /etc/rc.d/init.d

both scripts initially deal with the Red Hat Firewall Configuration
Toolkit, which is located at /usr/sbin/lokkit.  lokkit is first called
during installation, as it's the screen where it asks what level of
firewall you want.  As far as lokkit is concerned (and this is definitely
a redhat-ism), the ipchains and iptables daemons both do the same thing,
which is to load the firewall options you chose at bootup.

Starting with RH 7.3 and beyond, the iptables daemon (is it even really a
daemon?  dunno know how else to aptly describe it) is used by default by
lokkit.  Even though RH 7.1 and 7.2 both include support for iptables,
lokkit will employ ipchains by default instead.  Don't ask me why, the
RedHat instructor didn't know either.

Here's where it gets kind of interesting.  If you have an iptables script
like MonMotha's firewall, you can run his script to get your firewall up
and running, tweak it, and once you're satisfied with it, you can issue
this:
/sbin/service iptables save
/sbin/chkconfig iptables on


The first command sequence will load the current iptables config into
memory.  Not really actually, they just get loaded into
/etc/sysconfig/iptables, which is another redhat-ism config file.  The
second command sequence will call the iptables daemon to start on boot. 
It turns out to be a roundabout way to have MonMotha's firewall to play
nice in /etc/rc.d/init.d :-)

hope that helps,
Ho'ala


Chris Stark said:
>> ipchains iptables    firewall stuff, one or other on. Actually my
>> system has both on, a problem?
>
> You probably don't need both.  IP Tables is the newer of the two (and
> probably the one you should go with).