How to uncover what starts iptables?

Zdenek Pytela pytela at phil.muni.cz
Mon Sep 10 07:51:24 UTC 2012


Frantisek Hanzlik writes:
> I have disabled (not masked) iptables.service on an F17 box.
> But occasionally this service is started. There isn't any
> record about it in the system logs. Is there some (systemd native)
> way to detect who starts this service?
> (maybe via inotify tools I'm able to detect access to
> "/etc/sysconfig/iptables", but this gives no information about
> the accessing process)
Try if
grep -r Requires=iptables.service /lib/systemd
can be of any help to you.

> Second question about iptables: Is there any replacement for
> "service iptables panic" command from old gold cheerful non-systemd days?
Check /lib/systemd/system/iptables.service, you still may try
/lib/systemd/system/iptables.service panic

You can also prepare two sets of iptables with the default being ACCEPT
and then switch between them with a simple command with flushing/renaming/adding
a chain.

-- 

--Zdenek Pytela, <pytela at phil.muni.cz>
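
An added example, not part of the original mail: the grep suggested above matches only a Requires= line whose value starts with iptables.service, so this shell helper goes further and also checks Wants=, BindsTo= and OnFailure=, lines naming several units, and *.wants/*.requires symlinks. The helper name find_pullers, the demo function and the sample unit files are constructed for illustration.

```shell
#!/bin/sh
# Added example: report what would pull a unit in as a dependency.
# usage: find_pullers UNIT DIR...   (find_pullers is a hypothetical helper name)
find_pullers() {
    unit=$1; shift
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        # Directives that cause the listed units to be started. One line may
        # name several units, so compare each whitespace-separated word.
        find "$dir" -type f -exec awk -v u="$unit" '
            /^(Requires|Wants|BindsTo|OnFailure)=/ {
                eq = index($0, "=")
                key = substr($0, 1, eq - 1)
                n = split(substr($0, eq + 1), names, " ")
                for (i = 1; i <= n; i++)
                    if (names[i] == u) print FILENAME ": " key "=" u
            }' {} +
        # Symlinks such as multi-user.target.wants/UNIT, as created when a
        # unit is enabled or statically wanted by a target.
        find "$dir" -type l -name "$unit" \
            \( -path '*.wants/*' -o -path '*.requires/*' \) |
            sed 's/$/: symlink/'
    done
}

# Constructed sample tree (not taken from a real system) to exercise the helper.
demo() {
    t=$(mktemp -d)
    mkdir -p "$t/lib/multi-user.target.wants" "$t/etc"
    # Second unit on the line: a plain "Requires=iptables.service" grep misses it.
    printf '[Unit]\nRequires=network.target iptables.service\n' \
        > "$t/lib/fw-helper.service"
    # Similar name that must not match.
    printf '[Unit]\nWants=ip6tables.service\n' > "$t/lib/other.service"
    # Mentions the unit only in free text, so it must not match either.
    printf '[Unit]\nDescription=see iptables.service\n' > "$t/etc/note.service"
    ln -s ../iptables.service "$t/lib/multi-user.target.wants/iptables.service"
    find_pullers iptables.service "$t/etc" "$t/lib" | sed "s|^$t/||"
    rm -rf "$t"
}
```

On a real system, pass the unit directories instead, for example /etc/systemd/system and /lib/systemd/system. A start issued explicitly by a script or an administrator leaves no dependency in any unit file and will not show up here.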


