Enabling and disabling iptables
The iptables service is enabled by default. Any changes to the configuration are persistent. A write is not required to save changes to the configuration.
If the iptables service is disabled, you cannot configure ACLs in the Sentry System Manager.
To enable or disable the iptables service at system startup, enter one of the following commands in CONFIG mode:
Feature | Command
Enable the iptables service. | service iptables enable
Disable the iptables service. | no service iptables
• To enable the iptables service, type the following command in CONFIG mode:
service iptables enable
Example:
sentry/config# service iptables enable
• To disable the iptables service, type the following command in CONFIG mode:
no service iptables
Example:
sentry/config# no service iptables
• To view whether the iptables service is enabled or disabled at system startup, type one of the following commands in EXEC mode:
show service
or
show running-config
Example:
sentry#show service
+------------+-----------+---------------
Servicename  + Enabled   + Max.Sessions
+------------+-----------+---------------
ssh            yes         5
ntp            yes
iptables       yes
Example:
sentry#show running-config
Display running configuration
interface GigabitEthernet 1
ip address 10.10.27.14 255.255.0.0
no shutdown
end
interface GigabitEthernet 2
no ip address
shutdown
end
interface GigabitEthernet 3
no ip address
shutdown
end
interface GigabitEthernet 4
no ip address
shutdown
end
ip route 0.0.0.0 0.0.0.0 10.10.1.1
no dbconfig
service ssh 5
service ntp
no service iptables
ip name-server 10.10.15.6 0
ip name-server 10.11.50.31 1
ip domain-name auto.ivanti.com
ntp 172.16.0.235 1
hostname app264.auto.ivanti.com
timeout 0
system user miadmin ***
sentry#
• To view the iptables service status, type the following command in EXEC PRIVILEGED mode:
#service iptables status
Example:
sentry# service iptables status
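An audit check for the two views described above, as an added example that is not part of the product or its documentation: it reads captured show service or show running-config output and reports whether iptables is enabled at system startup. The sample text is constructed from the examples on this page, and the form of an enabled entry in the running configuration (service iptables, by analogy with service ntp) is an assumption.

```python
import re

# Constructed samples in the layout of this page's two example outputs.
RUNNING_CONFIG = """\
sentry#show running-config
no shutdown
service ssh 5
service ntp
no service iptables
"""
SHOW_SERVICE = """\
sentry#show service
+------------+-----------+---------------
Servicename + Enabled + Max.Sessions
+------------+-----------+---------------
ssh yes 5
ntp yes
iptables yes
"""

# show running-config lines; assumption: enabled is written 'service <name> ...'.
CONFIG_LINE = re.compile(r"\s*(no\s+)?service\s+(\S+)")
# show service rows: '<name> yes|no [max sessions]'.
TABLE_ROW = re.compile(r"\s*(\S+)\s+(yes|no)\b")

def parse_services(text):
    """Map service name -> enabled at startup, from either output format."""
    state = {}
    for line in text.splitlines():
        m = CONFIG_LINE.match(line)
        if m:
            state[m.group(2)] = m.group(1) is None
            continue
        m = TABLE_ROW.match(line)
        if m:
            state[m.group(1)] = m.group(2) == "yes"
    return state

def iptables_finding(text):
    """Audit finding for the iptables service in captured CLI output."""
    enabled = parse_services(text).get("iptables")
    if enabled is None:
        return "UNKNOWN: iptables not listed in this output"
    if enabled:
        return "OK: iptables enabled at system startup"
    return "FAIL: iptables disabled at startup; ACLs cannot be configured"

if __name__ == "__main__":
    print(iptables_finding(RUNNING_CONFIG), iptables_finding(SHOW_SERVICE), sep="\n")
```

An UNKNOWN result means the capture contained no iptables entry in either format and should be re-checked with show service.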