Enabling and disabling iptables
The iptables service is enabled by default. Any changes to the configuration is persistent. A write is not required to save any changes in the configuration.
| NOTE: | If the iptables service is disabled, you cannot configure ACLs in the Sentry System Manager. |
To enable or disable the iptables service at system startup, enter one of the following commands in CONFIG mode
|
Feature |
Command |
|
Enable the iptables service. |
service iptables enable |
|
Disable the iptables service. |
no service iptables |
| • | To enable the iptables service, type the following command in CONFIG mode: |
service iptables enable
Example:
|
sentry/config# service iptables enable |
| • | To disable the iptables service, type the following command in CONFIG mode: |
no service iptables
Example:
|
sentry/config# no service iptables |
| • | To view whether the iptables service is enabled or disabled at system startup, type one of the following commands in EXEC mode: |
show service
or
show running-config
Example:
|
sentry#show service +------------+-----------+--------------- Servicename + Enabled + Max.Sessions +------------+-----------+--------------- ssh yes 5 ntp yes iptables yes
|
Example:
|
sentry#show running-config Display running configuration interface GigabitEthernet 1 ip address 10.10.27.14 255.255.0.0 no shutdown end interface GigabitEthernet 2 no ip address shutdown end interface GigabitEthernet 3 no ip address shutdown end interface GigabitEthernet 4 no ip address shutdown end ip route 0.0.0.0 0.0.0.0 10.10.1.1 no dbconfig service ssh 5 service ntp no service iptables ip name-server 10.10.15.6 0 ip name-server 10.11.50.31 1 ip domain-name auto.mobileiron.com ntp 172.16.0.235 1 hostname app264.auto.mobileiron.com timeout 0 system user miadmin *** sentry#
|
| • | To view the iptables service status, type the following command in EXEC PRIVILEGED mode: |
#service iptables status
Example:
|
sentry# service iptables status |