"Greg Campbell" <greg.campbell@us.michelin.com> writes:
> So I think use the System Tools ->Security Level administrator is doing
> something different under the hood now. While my RH8 install has a
> iptables executable, it seems to have nothing (empty files) to work
> against. I believe it is managing the older ipchains security. For
> curiosity sake, what did you do in RH8 to open up port 5432?
I may be mistaken about this; I remember having had to open up 5432
on one of my Linux systems, but it may not have been the RH8 box.
/etc/sysconfig/ipchains is the controlling file there, and what I have
saved as the "original" version doesn't look like it would block 5432.
(It did block a bunch of other stuff that I found unhelpful, such as
NFS mounts and telnet; which is reasonable for a machine with a direct
connection to the 'net, but not what I wanted for a machine behind a
firewall...)
> Does lokkit
> function against both systems?
FWIW, the ipchains file says "# Firewall configuration written by lokkit"
but I prefer hacking config files directly to relying on undocumented
security tools, so I ignored that.
regards, tom lane