Enabling and disabling iptables

The iptables service is enabled by default. Any changes to the configuration are persistent. A write is not required to save changes to the configuration.

If the iptables service is disabled, you cannot configure ACLs in the Sentry System Manager.

To enable or disable the iptables service at system startup, enter one of the following commands in CONFIG mode:

Table 70.   Enabling and disabling iptables

Feature                          Command
Enable the iptables service.     service iptables enable
Disable the iptables service.    no service iptables

To enable the iptables service, type the following command in CONFIG mode:

service iptables enable

Example:

sentry/config# service iptables enable
sentry/config#

To disable the iptables service, type the following command in CONFIG mode:

no service iptables

Example:

sentry/config# no service iptables
sentry/config#

To view whether the iptables service is enabled or disabled at system startup, type one of the following commands in EXEC mode:

show service

or

show running-config

Example:

sentry#show service
+------------+-----------+---------------
Servicename + Enabled + Max.Sessions
+------------+-----------+---------------
ssh yes 5
ntp yes
iptables yes

Example:

sentry#show running-config
Display running configuration
interface GigabitEthernet 1
ip address 10.10.27.14 255.255.0.0
no shutdown
end
interface GigabitEthernet 2
no ip address
shutdown
end
interface GigabitEthernet 3
no ip address
shutdown
end
interface GigabitEthernet 4
no ip address
shutdown
end
ip route 0.0.0.0 0.0.0.0 10.10.1.1
no dbconfig
service ssh 5
service ntp
no service iptables
ip name-server 10.10.15.6 0
ip name-server 10.11.50.31 1
ip domain-name auto.ivanti.com
ntp 172.16.0.235 1
hostname app264.auto.ivanti.com
timeout 0
system user miadmin ***
sentry#

To view the iptables service status, type the following command in EXEC PRIVILEGED mode:

#service iptables status

Example:

sentry# service iptables status
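
The following is an added example, not part of the original documentation or any vendor tooling: a Python check that reads saved output of show service and show running-config and reports when iptables is disabled at startup or when the two captures disagree. The function names and sample text are constructed for illustration; it assumes a disabled service shows "no" in the Enabled column and that an enabled service appears in the running configuration as a line starting with "service iptables".

```python
def services_from_show_service(text):
    """Parse 'show service' rows into {name: (enabled, max_sessions)}."""
    services = {}
    for line in text.splitlines():
        words = line.split()
        # Data rows look like "ssh yes 5"; borders, header and prompt are skipped.
        if len(words) >= 2 and words[1] in ("yes", "no"):  # "no" is an assumption
            limit = int(words[2]) if len(words) > 2 and words[2].isdigit() else None
            services[words[0]] = (words[1] == "yes", limit)
    return services

def startup_state_from_running_config(text):
    """Return True/False for iptables at startup, None if no such line exists."""
    state = None
    for line in text.splitlines():
        words = line.split()
        if words[:3] == ["no", "service", "iptables"]:
            state = False
        elif words[:2] == ["service", "iptables"]:  # assumed form when enabled
            state = True
    return state

def audit_iptables(show_service="", running_config=""):
    """Return a list of findings; an empty list means nothing to report."""
    findings = []
    svc = services_from_show_service(show_service).get("iptables")
    cfg = startup_state_from_running_config(running_config)
    if svc is None and cfg is None:
        findings.append("iptables state not found in either capture")
    if svc is not None and not svc[0]:
        findings.append("show service: iptables is disabled")
    if cfg is False:
        findings.append("running-config: 'no service iptables' is set, "
                        "so ACLs cannot be configured in Sentry System Manager")
    if svc is not None and cfg is not None and svc[0] != cfg:
        findings.append("show service and running-config disagree; "
                        "the captures may come from different times")
    return findings

# Constructed sample captures in the formats shown on this page.
SAMPLE_SHOW_SERVICE = """sentry#show service
+------------+-----------+---------------
Servicename + Enabled + Max.Sessions
+------------+-----------+---------------
ssh yes 5
ntp yes
iptables yes
"""
SAMPLE_RUNNING_CONFIG = "service ssh 5\nservice ntp\nno service iptables\n"

if __name__ == "__main__":
    for finding in audit_iptables(SAMPLE_SHOW_SERVICE, SAMPLE_RUNNING_CONFIG):
        print(finding)
```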