iptables issues

[Silverflames]

I've got a new problem with iptables.

On a recently updated rhel 4.8 server iptables is saying it's stopped when it's started. All the rules are there, in the message log it shows that iptables has started on boot.

I think it might have something to do with the fact that a file is not being created when iptables starts

There is this bit in the iptables script in init.d that creates the following file

Code:

touch $VAR_SUBSYS_IPTABLES

If you create this file it appears to fix the problem, but when the firewall is turned off it gets deleted. This is the first time I've seen this problem.

Has anyone come across this before?

[jselover]

The $VAR_SUBSYS_IPTABLES variable will be set near the top of the iptables script. It will be something like /var/lock/subsys/iptables and, yes, it is used to indicate the iptables script has been ran.
If the system is starting another firewall like Webmin, shorewall, fwbuilder, or one of the other many iptables frontends, the starting of the other firewall may be removing the file.
Only 1 firewall frontend can use the iptables functions at a time, because it is too difficult for any firewall frontend to figure out what another firewall frontend is doing.

Look for other enabled services that use iptables.