Mageia forum

share the magic

Skip to content

[SOLVED] Disabling firewall

This forum is dedicated to advanced help and support :

Ask here your questions about advanced usage of Mageia. For example you may post here all your questions about network and automated installs, complex server configurations, kernel tuning, creating your own Mageia mirrors, and all tasks likely to be touchy even for skilled users.
Post a reply

[SOLVED] Disabling firewall

Postby mackowiakp » Jun 18th, '13, 12:57

How can I permanently disable firewall. I have only sshd installed as externally avaliable service so I want to disable FW. Can not from Control Centre. Shorewall clear disable only until reboot.
Is it possible?
Last edited by mackowiakp on Jun 18th, '13, 18:14, edited 2 times in total.
Linux is like wigwam. No Windows, no Gates but Apache inside

WARNING ! The administrator has the right to refuse to install WINDOWS, invoking the conscience clause
mackowiakp
 
Posts: 660
Joined: May 23rd, '13, 07:32
Location: Gdynia, Poland
Top

Re: Disabling firewall

Postby oj » Jun 18th, '13, 17:36

Try
Code: Select all
systemctl shorewall.service stop
then
Code: Select all
systemctl shorewall.service disable
Might have to do the same for iptables.

(oops... fixed a typo)
oj
 
Posts: 232
Joined: Aug 23rd, '12, 00:22
Top

Re: Disabling firewall

Postby mackowiakp » Jun 18th, '13, 18:00

oj wrote:Try
Code: Select all
systemctl shorewall.service stop
then
Code: Select all
systemctl shorewall.service disable
Might have to do the same for iptables.

(oops... fixed a typo)


OK, works. But should be:
systemctl stop shorewall.service
systemctl disable shorewall.service

:mrgreen:
Linux is like wigwam. No Windows, no Gates but Apache inside

WARNING ! The administrator has the right to refuse to install WINDOWS, invoking the conscience clause
mackowiakp
 
Posts: 660
Joined: May 23rd, '13, 07:32
Location: Gdynia, Poland
Top

Re: Disabling firewall

Postby ca-on-adam » Sep 9th, '13, 05:22

mackowiakp wrote:
oj wrote:Try
Code: Select all
systemctl shorewall.service stop
then
Code: Select all
systemctl shorewall.service disable
Might have to do the same for iptables.

(oops... fixed a typo)


OK, works. But should be:
systemctl stop shorewall.service
systemctl disable shorewall.service

:mrgreen:



Code: Select all
A lazy shorter version:
# systemctl stop shorewall
# systemctl disable shorewall


I have just tried this, it is the correct answer and all of the shorewall rules visible with "iptables -L" are cleared, but one should know that it doesn't change the iptables default policy of DROP immediately. So my ssh server was still blocked from accepting connections. Something needs to be done to refresh the iptables, I am not sure what would be the simplest. I just rebooted the system and the iptables policies did successfully change to ACCEPT, and now I can connect to the openssh-server on port 22.

Is there a command to get the new iptables policies to take effect without a system reboot?
ca-on-adam
 
Posts: 57
Joined: Aug 31st, '11, 13:33
Top

Re: [SOLVED] Disabling firewall

Postby jiml8 » Sep 9th, '13, 09:21

While I agree that shorewall is complicated and sometimes a real PITA, I have to say that operating a network-facing computer without a robust firewall in place is simply asking to be owned. This is even more true for the user who turns on all the services and is afraid to turn them off because "I don't know what they do".
jiml8
 
Posts: 1254
Joined: Jul 7th, '13, 18:09
Top
Post a reply

Return to Advanced support

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB® Forum Software © phpBB Group