FOOD FOR THOUGHT Completely disable iptables? Won't stay dead...

[Tidder]

Incredible 13-13.8 on SL 6.9. I have disabled fail2ban, iptables using chkconfig. I did find a cron entry where iptables was being restarted and commented that out. Yet, I'm still having iptables come back to life after a reboot. How can I kill it completely? I have a firewall in front of my PBX managing my security for me, and iptables is actually causing an issue where sometimes my inbound calls will not connect, likely because I haven't whitelisted all the potential originating IPs from my provider.

Anyone have any pointers? Is there another service that is reliant upon iptables aside from fail2ban, port knock maybe?

 

[krzykat]

Why not modify /etc/sysconfig/iptables and make it wide open. Then if it starts, it doesn't do anything. Is the IPtables causing issues for you?

 

[Tidder]

Ah, that's a good idea. Yeah, if I stop iptables, I don't have issues with phone calls coming in from Flowroute. I haven't taken the time to add the 4 or 5 different ip blocks to the allowed list, would rather just kill iptables since it's redundant in this particular setup.

Thanks!