holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Revise instructions for disabling iptables

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-07-17 16:48:15 -07:00
parent c0e4d4093c
commit 55519bd9ac
3 changed files with 178 additions and 118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
docs/standalone.xml
View File

@ -119,8 +119,7 @@
<title>Conventions</title> <title>Conventions</title>
<para>Points at which configuration changes are recommended are flagged <para>Points at which configuration changes are recommended are flagged
with <inlinegraphic fileref="images/BD21298_.gif" with <inlinegraphic fileref="images/BD21298_.gif" format="GIF"/>.</para>
format="GIF" />.</para>
<para>Configuration notes that are unique to Debian and it's derivatives <para>Configuration notes that are unique to Debian and it's derivatives
are marked with <inlinegraphic fileref="images/openlogo-nd-25.png" are marked with <inlinegraphic fileref="images/openlogo-nd-25.png"
@ -570,23 +569,6 @@ SSH(ACCEPT) net $FW </programlisting>
other connections as desired.</para> other connections as desired.</para>
</section> </section>
<section>
<title>Disabling your existing Firewall</title>
<para>Before starting Shorewall for the first time, it's a good idea to
stop your existing firewall. On Redhat/CentOS/Fedora:</para>
<programlisting><command>service iptables stop</command></programlisting>
<para>If you are running SuSE, use Yast or Yast2 to stop
SuSEFirewall.</para>
<para>Once you have Shorewall running to your satisfaction, you should
totally disable your existing firewall. On /Redhat/CentOS/Fedora:</para>
<programlisting><command>chkconfig --del iptables</command></programlisting>
</section>
<section id="Starting"> <section id="Starting">
<title>Starting and Stopping Your Firewall</title> <title>Starting and Stopping Your Firewall</title>
@ -675,6 +657,44 @@ SSH(ACCEPT) net $FW </programlisting>
</itemizedlist> </itemizedlist>
</section> </section>
<section>
<title>Disabling your existing Firewall</title>
<para>Before starting Shorewall for the first time, it's a good idea to
stop your existing firewall. On older Redhat/CentOS/Fedora:</para>
<programlisting><command>service iptables stop</command></programlisting>
<para>On recent Fedora systems that run systemd, the command is:</para>
<programlisting><command>systemctl stop iptables.service</command></programlisting>
<para>If you are running SuSE, use Yast or Yast2 to stop
SuSEFirewall.</para>
<para>On other systems that use a classic SysV init system:</para>
<programlisting><command>/etc/init.d/iptables stop</command></programlisting>
<para>Once you have Shorewall running to your satisfaction, you should
totally disable your existing firewall. On older
Redhat/CentOS/Fedora:</para>
<programlisting><command>chkconfig --del iptables</command></programlisting>
<para>On Debian systems:</para>
<programlisting><command>update-rc.d iptables disable</command></programlisting>
<para>On recent Fedora system running systemd:</para>
<programlisting><command>systemctl disable iptables.service</command></programlisting>
<para><inlinegraphic fileref="images/BD21298_.gif"/></para>
<para>At this point, disable your existing firewall service.</para>
</section>
<section id="Other"> <section id="Other">
<title>Additional Recommended Reading</title> <title>Additional Recommended Reading</title>

58
docs/three-interface.xml
View File

@ -147,8 +147,7 @@
<title>Conventions</title> <title>Conventions</title>
<para>Points at which configuration changes are recommended are flagged <para>Points at which configuration changes are recommended are flagged
with <inlinegraphic fileref="images/BD21298_.gif" with <inlinegraphic fileref="images/BD21298_.gif" format="GIF"/>.</para>
format="GIF" />.</para>
<para>Configuration notes that are unique to Debian and it's derivatives <para>Configuration notes that are unique to Debian and it's derivatives
are marked with <inlinegraphic fileref="images/openlogo-nd-25.png" are marked with <inlinegraphic fileref="images/openlogo-nd-25.png"
@ -1101,23 +1100,6 @@ ACCEPT net $FW tcp 80 </programlisting><it
</itemizedlist> </itemizedlist>
</section> </section>
<section>
<title>Disabling your existing Firewall</title>
<para>Before starting Shorewall for the first time, it's a good idea to
stop your existing firewall. On Redhat/CentOS/Fedora:</para>
<programlisting><command>service iptables stop</command></programlisting>
<para>If you are running SuSE, use Yast or Yast2 to stop
SuSEFirewall.</para>
<para>Once you have Shorewall running to your satisfaction, you should
totally disable your existing firewall. On /Redhat/CentOS/Fedora:</para>
<programlisting><command>chkconfig --del iptables</command></programlisting>
</section>
<section id="Starting"> <section id="Starting">
<title>Starting and Stopping Your Firewall</title> <title>Starting and Stopping Your Firewall</title>
@ -1205,6 +1187,44 @@ ACCEPT net $FW tcp 80 </programlisting><it
</itemizedlist> </itemizedlist>
</section> </section>
<section>
<title>Disabling your existing Firewall</title>
<para>Before starting Shorewall for the first time, it's a good idea to
stop your existing firewall. On older Redhat/CentOS/Fedora:</para>
<programlisting><command>service iptables stop</command></programlisting>
<para>On recent Fedora systems that run systemd, the command is:</para>
<programlisting><command>systemctl stop iptables.service</command></programlisting>
<para>If you are running SuSE, use Yast or Yast2 to stop
SuSEFirewall.</para>
<para>On other systems that use a classic SysV init system:</para>
<programlisting><command>/etc/init.d/iptables stop</command></programlisting>
<para>Once you have Shorewall running to your satisfaction, you should
totally disable your existing firewall. On older
Redhat/CentOS/Fedora:</para>
<programlisting><command>chkconfig --del iptables</command></programlisting>
<para>On Debian systems:</para>
<programlisting><command>update-rc.d iptables disable</command></programlisting>
<para>On recent Fedora system running systemd:</para>
<programlisting><command>systemctl disable iptables.service</command></programlisting>
<para><inlinegraphic fileref="images/BD21298_.gif"/></para>
<para>At this point, disable your existing firewall service.</para>
</section>
<section id="Reading"> <section id="Reading">
<title>Additional Recommended Reading</title> <title>Additional Recommended Reading</title>

60
docs/two-interface.xml
View File

@ -121,8 +121,7 @@
<title>Conventions</title> <title>Conventions</title>
<para>Points at which configuration changes are recommended are flagged <para>Points at which configuration changes are recommended are flagged
with <inlinegraphic fileref="images/BD21298_.gif" with <inlinegraphic fileref="images/BD21298_.gif" format="GIF"/>.</para>
format="GIF" />.</para>
<para>Configuration notes that are unique to Debian and it's derivatives <para>Configuration notes that are unique to Debian and it's derivatives
are marked with <inlinegraphic fileref="images/openlogo-nd-25.png" are marked with <inlinegraphic fileref="images/openlogo-nd-25.png"
@ -146,7 +145,7 @@
<section id="Concepts"> <section id="Concepts">
<title>Shorewall Concepts</title> <title>Shorewall Concepts</title>
<para></para> <para/>
<para>The configuration files for Shorewall are contained in the directory <para>The configuration files for Shorewall are contained in the directory
<filename class="directory">/etc/shorewall</filename> -- for simple <filename class="directory">/etc/shorewall</filename> -- for simple
@ -1021,23 +1020,6 @@ ACCEPT loc $FW tcp 80 #Allow Weblet to work</progra
</itemizedlist> </itemizedlist>
</section> </section>
<section>
<title>Disabling your existing Firewall</title>
<para>Before starting Shorewall for the first time, it's a good idea to
stop your existing firewall. On Redhat/CentOS/Fedora:</para>
<programlisting><command>service iptables stop</command></programlisting>
<para>If you are running SuSE, use Yast or Yast2 to stop
SuSEFirewall.</para>
<para>Once you have Shorewall running to your satisfaction, you should
totally disable your existing firewall. On /Redhat/CentOS/Fedora:</para>
<programlisting><command>chkconfig --del iptables</command></programlisting>
</section>
<section id="Starting"> <section id="Starting">
<title>Starting and Stopping Your Firewall</title> <title>Starting and Stopping Your Firewall</title>
@ -1122,6 +1104,44 @@ ACCEPT loc $FW tcp 80 #Allow Weblet to work</progra
</itemizedlist> </itemizedlist>
</section> </section>
<section>
<title>Disabling your existing Firewall</title>
<para>Before starting Shorewall for the first time, it's a good idea to
stop your existing firewall. On older Redhat/CentOS/Fedora:</para>
<programlisting><command>service iptables stop</command></programlisting>
<para>On recent Fedora systems that run systemd, the command is:</para>
<programlisting><command>systemctl stop iptables.service</command></programlisting>
<para>If you are running SuSE, use Yast or Yast2 to stop
SuSEFirewall.</para>
<para>On other systems that use a classic SysV init system:</para>
<programlisting><command>/etc/init.d/iptables stop</command></programlisting>
<para>Once you have Shorewall running to your satisfaction, you should
totally disable your existing firewall. On older
Redhat/CentOS/Fedora:</para>
<programlisting><command>chkconfig --del iptables</command></programlisting>
<para>On Debian systems:</para>
<programlisting><command>update-rc.d iptables disable</command></programlisting>
<para>On recent Fedora system running systemd:</para>
<programlisting><command>systemctl disable iptables.service</command></programlisting>
<para><inlinegraphic fileref="images/BD21298_.gif"/></para>
<para>At this point, disable your existing firewall service.</para>
</section>
<section id="Reading"> <section id="Reading">
<title>Additional Recommended Reading</title> <title>Additional Recommended Reading</title>