Why after installing from scratch the iptables or upgrading the iptables
Then iptables from chkconfig display on ?
How to avoid chkconfig iptables on , after installling/upgradin iptables ?
- remark we want to avoid to perform chkconfig iptables off after installing the iptables
Real example from my redhat machine version 6
service iptables status
Firewall is stopped.
# chkconfig --list | grep iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# chkconfig iptables off
# chkconfig --list | grep iptables
iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off
yum remove iptables
.
.
.
chkconfig --list | grep iptables
show nothing ( as should be )
yum install iptables
.
.
.
After iptables was installed Successfully , We can see that chkconfig is on - why ?
# chkconfig --list | grep iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
The critical problem with this is:
After reboot iptables service will be running and we want to avoid this
Please advise how to avoid iptables chkconfig on after installing iptables package
Your question to why the iptables service gets enabled is quite simple to answer:
the postinstall script included in the RPM packages calls chkconfig to enable the service.
Yum does not provide for an option not to run postinstall scripts, but
rpmdoes, download the rpm before installing it manually.Well, if you can't control the behaviour of the RPM keeping re-enabling the service, you should configure
iptablesto meet your needs.The easiest way would be to just comment any line in
/etc/sysconfig/iptables. This will not load any rule and should be equal to not running.Just moving or deleting it will be no solution, as the file will be installed by
iptables-serviceson update or reinstall.