I think you are both talking about things a bit different rom each other.
vodoo talks about the iptables tool. A command in /usr/bin/iptables that also has a man page on the system. In that man page you find that there is no place for
I think that BushSnake talks about a start/stop/status script. They are to be found in /etc/init.d and have a status command.
You probably think that this script will exist from experience with other Linux distributions. In openSUSE iptables are created/maintained by SuSEfirewall2.
Thanks. I don’t think we were talking about the same thing, as I definitely meant the script with the start/stop/status commands. All I want to do is make sure the Firewall is COMPLETELY disabled, so if the GUI in YaST does that when I disable it, then I don’t need the iptables command. Someone just mentioned that the GUI way doesn’t completely disable it, but he may have been referring to another distribution of Linux. If SUSE doesn’t need the iptables script, then I assume (or rather hope) I’ll never have to use it…
should get you the info needed as well I believe. The rcSuSEfirewall2
script (which points to /etc/init.d/SuSEfirewall2_setup) is probably the
best way to manipulate the firewall. For clarity the firewall (NetFilter)
is never completely turned off as it is a kernel module. With that said
when you set the firewall to ACCEPT everything (INPUT, OUPUT, etc.) it is
effectively keeping its hands off of all data and “disabled”. Another way
to see the rules is with:
Also all of this begs the question… why disable the firewall
completely? It’s fine to do I suppose, but I can’t think of a good reason
unless it’s for troubleshooting to completely rule out issues with it.
> I have SuSEfirewall2 switched off (using YaST).
> You can see which IP tabels are active with
> iptables -L
> In my system nothing shows (apart from some headers).
> For me that is sufficient.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/