how to enable iptables from CLI - Security

This is a discussion on how to enable iptables from CLI - Security ; Hi everyone, Ive got RHEL4 on my linuxbox. During its installation I had disabled iptables..so now when I want to enable it again I will have to go to the GUI option of Security and from there will have to ...

+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 20 of 33

Thread: how to enable iptables from CLI

  1. how to enable iptables from CLI

    Hi everyone,
    Ive got RHEL4 on my linuxbox. During its installation I had disabled
    iptables..so now when I want to enable it again I will have to go to
    the GUI option of Security and from there will have to enable it.
    I wanted to know is there a way to enable iptables from the command
    line rather than using the GUI

    thanks
    Danish


  2. Re: how to enable iptables from CLI

    On 2006-04-05, linuxadmin wrote:
    > I wanted to know is there a way to enable iptables from the command
    > line rather than using the GUI


    service iptables start

    to start it and

    chkconfig iptables on

    to have it started at boot.

    Davide

    --
    Tact is the ability to tell a man he has an open mind when he has a
    hole in his head.

  3. Re: how to enable iptables from CLI

    Davide Bianchi wrote:
    > On 2006-04-05, linuxadmin wrote:
    >
    >>I wanted to know is there a way to enable iptables from the command
    >>line rather than using the GUI

    >
    >
    > service iptables start
    >
    > to start it and
    >
    > chkconfig iptables on
    >
    > to have it started at boot.


    There's also the setup way -- a semi-GUI way; run setup
    from a command prompt, and you get a ncurses-based semi-
    graphical menu of options; choose the option services,
    and you can enable iptables from there.

    Carlos
    --

  4. Re: how to enable iptables from CLI


    Carlos Moreno wrote:
    > Davide Bianchi wrote:
    > > On 2006-04-05, linuxadmin wrote:
    > >
    > >>I wanted to know is there a way to enable iptables from the command
    > >>line rather than using the GUI

    > >
    > >
    > > service iptables start
    > >
    > > to start it and
    > >
    > > chkconfig iptables on
    > >
    > > to have it started at boot.

    >
    > There's also the setup way -- a semi-GUI way; run setup
    > from a command prompt, and you get a ncurses-based semi-
    > graphical menu of options; choose the option services,
    > and you can enable iptables from there.
    >
    > Carlos
    > --


    I tried what Davide told me to but didnt work so I then went to the
    graphical option by choosing the
    Security option on the start menu.. From there I had to enable the
    iptables. I wanted to do it the CLI way because going back again to the
    GUI mode somewhat becomes more like Microsoft

    thanks
    danish


  5. Re: how to enable iptables from CLI

    linuxadmin wrote:

    >>There's also the setup way -- a semi-GUI way; run setup
    >>from a command prompt, and you get a ncurses-based semi-
    >>graphical menu of options; choose the option services,
    >>and you can enable iptables from there.

    >
    > I tried what Davide told me to but didnt work so I then went to the
    > graphical option by choosing the
    > Security option on the start menu.. From there I had to enable the
    > iptables. I wanted to do it the CLI way because going back again to the
    > GUI mode somewhat becomes more like Microsoft


    There's nothing wrong with doing things the way Microsoft
    does it, provided that it is a good way of doing things.
    (and first of all, Microsoft *wishes* that GUI was a
    creation of theirs -- contrary to popular belief, at least
    among people younger than 20 or so, Microsoft does not have
    the barely minimum claim over the idea of OS's with GUI)

    Using a GUI tool when one is available is perfectly ok if
    that GUI tool does the job correctly -- if the job is
    manually starting a service on a Linux box, then I'd
    vote for the idea that the GUI tool does that job perfectly.

    What could be considered wrong is having a GUI at all,
    if we're talking about servers. In that sense, even if
    you were starting iptables on a workstation (where most
    people would want to have a GUI), you could argue that
    you want to learn it the CLI way, since that's what
    you'll need when you have to do the same on a server
    (possibly remote).

    Do notice that setup is a command-line tool -- it gives
    you a semi-graphical interface (text-based, on a console),
    with a list of choices that you select. You then move
    with the arrow keys and use the space bar to select or
    unselect the given services.

    Absolutely nothing wrong with that -- I use it on remote
    servers that don't even have X-Window installed.

    The strange thing is, what Davide sugested should also
    work (I suggested the setup way as an alternative, not
    as the way that it would work because the other one
    didn't).

    Carlos
    --

  6. Re: how to enable iptables from CLI

    On Wed, 05 Apr 2006 21:49:15 -0700, linuxadmin wrote:


    > Carlos Moreno wrote:
    >> Davide Bianchi wrote:
    >> > On 2006-04-05, linuxadmin wrote:
    >> >
    >> >>I wanted to know is there a way to enable iptables from the command
    >> >>line rather than using the GUI
    >> >
    >> >
    >> > service iptables start
    >> >
    >> > to start it and
    >> >
    >> > chkconfig iptables on
    >> >
    >> > to have it started at boot.

    >>
    >> There's also the setup way -- a semi-GUI way; run setup from a command
    >> prompt, and you get a ncurses-based semi- graphical menu of options;
    >> choose the option services, and you can enable iptables from there.
    >>
    >> Carlos
    >> --

    >
    > I tried what Davide told me to but didnt work so I then went to the
    > graphical option by choosing the
    > Security option on the start menu.. From there I had to enable the
    > iptables. I wanted to do it the CLI way because going back again to the
    > GUI mode somewhat becomes more like Microsoft
    >
    > thanks
    > danish


    It is very probable that you do now have iptables running, although the
    way to start and stop it manually (via CLI) may vary depending on how your
    system was originally configured, what changes you may have made and what
    GUI front-end to iptables you may have used. You said "it didn't work"
    but you didn't say what did happen, what messages were returned etc.

    For example, one popular GUI front-end to iptables, Firestarter, writes
    it's own variables and scripts, and is started (stopped, restarted) -(from
    the CLI) similarly to what Davide told you but with a different file name.
    In this case, running the "iptables" start script may fail because the
    data it needs are in different places than the default. Even though
    iptables is actually running in the kernel, the rules it is using have
    been fed to it from another different source, using a script of a
    different name.

    I don't remember you saying what distro or version OS you are using, so
    it's really impossible to tell from your messages what is happening.

    You should learn some ways to know what is running and not running,
    especially your firewall. You can and should test your firewall, and can
    and should see what it is logging. If you don't know where the log is and
    if you were to post what distro you are using, probably someone could tell
    you exactly where to start looking. You will want to know these things if
    you want to use iptables for logging particular connections from your
    client machine as indicated in your other thread.

    Best wishes.

  7. Re: how to enable iptables from CLI

    Newsbox wrote:
    > On Wed, 05 Apr 2006 21:49:15 -0700, linuxadmin wrote:
    >
    >
    > > Carlos Moreno wrote:
    > >> Davide Bianchi wrote:
    > >> > On 2006-04-05, linuxadmin wrote:
    > >> >
    > >> >>I wanted to know is there a way to enable iptables from the command
    > >> >>line rather than using the GUI
    > >> >
    > >> >
    > >> > service iptables start
    > >> >
    > >> > to start it and
    > >> >
    > >> > chkconfig iptables on
    > >> >
    > >> > to have it started at boot.
    > >>
    > >> There's also the setup way -- a semi-GUI way; run setup from a command
    > >> prompt, and you get a ncurses-based semi- graphical menu of options;
    > >> choose the option services, and you can enable iptables from there.
    > >>
    > >> Carlos
    > >> --

    > >
    > > I tried what Davide told me to but didnt work so I then went to the
    > > graphical option by choosing the
    > > Security option on the start menu.. From there I had to enable the
    > > iptables. I wanted to do it the CLI way because going back again to the
    > > GUI mode somewhat becomes more like Microsoft
    > >
    > > thanks
    > > danish

    >
    > It is very probable that you do now have iptables running, although the
    > way to start and stop it manually (via CLI) may vary depending on how your
    > system was originally configured, what changes you may have made and what
    > GUI front-end to iptables you may have used. You said "it didn't work"
    > but you didn't say what did happen, what messages were returned etc.
    >
    > For example, one popular GUI front-end to iptables, Firestarter, writes
    > it's own variables and scripts, and is started (stopped, restarted) -(from
    > the CLI) similarly to what Davide told you but with a different file name.
    > In this case, running the "iptables" start script may fail because the
    > data it needs are in different places than the default. Even though
    > iptables is actually running in the kernel, the rules it is using have
    > been fed to it from another different source, using a script of a
    > different name.
    >
    > I don't remember you saying what distro or version OS you are using, so
    > it's really impossible to tell from your messages what is happening.
    >
    > You should learn some ways to know what is running and not running,
    > especially your firewall. You can and should test your firewall, and can
    > and should see what it is logging. If you don't know where the log is and
    > if you were to post what distro you are using, probably someone could tell
    > you exactly where to start looking. You will want to know these things if
    > you want to use iptables for logging particular connections from your
    > client machine as indicated in your other thread.
    >
    > Best wishes.


    I apologise for not providing the complete information. I use RHEL4...
    #uname -a
    Linux codec 2.6.9-5.EL #1 Wed Jan 5 19:22:18 EST 2005 i686 i686 i386
    GNU/Linux
    ..
    A couple of days ago I bought an internet connection and logged on to
    the net, but my iptables was not on because I has disabled it during
    installation. So i did
    #/etc/init.d/iptables on
    the system didnt do anything but just came back to the root
    prompt..then i did
    #chkconfig --level 5 iptables on
    the system again didnt show anything but just came back to the root
    prompt..by doing
    #/etc/init.d/iptables status
    I got the message that iptables was not running...so I went to the
    start menu ->system ( i think it was) ->Security..
    from there i enabled iptables option and on the trusted devices i
    checked on eth0...I went back to root promt and did
    #/etc/init.d/iptables status ...and it showed that iptables was
    running....

    the other point that i had brought up was the GUI. I never meant that
    Microsoft was the wrong way. Wat I meant by that was by doing things
    from the CLI, a person gets to know what, where and which files are
    getting affecting by doing the above..In addition Id like to thank you
    all for the knowledge

    thanks
    Danish


  8. Re: how to enable iptables from CLI

    Newsbox wrote:

    > Your firewall is probably logging in /var/log/messages


    Wouldn't that be /var/log/secure ??

    Carlos
    --

  9. Re: how to enable iptables from CLI

    On Sat, 08 Apr 2006 10:48:52 -0400, Carlos Moreno wrote:

    > Newsbox wrote:
    >
    >> Your firewall is probably logging in /var/log/messages

    >
    > Wouldn't that be /var/log/secure ??
    >

    Quite possible; the OP will need to check his own system. Seem to vaguely
    remember reference to specifying filename to log to, and possibly could
    then be anything, anywhere. (Couldn't find it just now in a quick look
    through a man page.) Perhaps someone would be kind enough to clarify that
    option, if it does exist. (Tnx)

    My FC4 box is logging firewall hits to the messages file (as did some
    earlier RH releases), and that is why I guessed it might be same for
    RHEL4.

    Best wishes.

    > Carlos


  10. Re: how to enable iptables from CLI

    Newsbox wrote:

    > My FC4 box is logging firewall hits to the messages file (as did some
    > earlier RH releases)


    Huh?

    I've always used RH flavors, and I'm sure I've found myself checking
    /var/log/secure in the past -- maybe it is the logins and failed
    login attempts that get logged to secure, and everything else to
    messages?

    Carlos
    --

  11. Re: how to enable iptables from CLI

    On Sat, 08 Apr 2006 16:47:35 -0400, Carlos Moreno wrote:

    > -- maybe it is the logins and failed
    > login attempts that get logged to secure, and everything else to
    > messages?


    That seems to describe what I see.


  12. Re: how to enable iptables from CLI

    On Sat, 08 Apr 2006 17:02:39 -0400, Newsbox wrote:

    > On Sat, 08 Apr 2006 16:47:35 -0400, Carlos Moreno wrote:
    >
    >> -- maybe it is the logins and failed
    >> login attempts that get logged to secure, and everything else to
    >> messages?

    >
    > That seems to describe what I see.


    man syslog.conf - /etc/syslog.conf on my system.


  13. Re: how to enable iptables from CLI

    On Sun, 09 Apr 2006 00:32:11 +0000, John wrote:

    > On Sat, 08 Apr 2006 17:02:39 -0400, Newsbox wrote:
    >
    >> On Sat, 08 Apr 2006 16:47:35 -0400, Carlos Moreno wrote:
    >>
    >>> -- maybe it is the logins and failed
    >>> login attempts that get logged to secure, and everything else to
    >>> messages?

    >>
    >> That seems to describe what I see.

    >
    > man syslog.conf - /etc/syslog.conf on my system.


    Thank you John, again. And best wishes.


  14. Re: how to enable iptables from CLI

    Newsbox wrote:
    > On Sun, 09 Apr 2006 00:32:11 +0000, John wrote:
    >
    > > On Sat, 08 Apr 2006 17:02:39 -0400, Newsbox wrote:
    > >
    > >> On Sat, 08 Apr 2006 16:47:35 -0400, Carlos Moreno wrote:
    > >>
    > >>> -- maybe it is the logins and failed
    > >>> login attempts that get logged to secure, and everything else to
    > >>> messages?
    > >>
    > >> That seems to describe what I see.

    > >
    > > man syslog.conf - /etc/syslog.conf on my system.

    >
    > Thank you John, again. And best wishes.


    # Log anything (except mail) of level info or higher.
    # Don't log private authentication messages!
    *.info;mail.none;authpriv.none;cron.none
    /var/log/messages

    /home/danish/logger

    # The authpriv file has restricted access.
    authpriv.* /var/log/secure

    # Log all the mail messages in one place.
    mail.*
    -/var/log/maillog


    # Log cron stuff
    cron.* /var/log/cron

    # Everybody gets emergency messages
    *.emerg *

    # Save news errors of level crit and higher in a special file.
    uucp,news.crit
    /var/log/spooler

    # Save boot messages also to boot.log
    local7.*
    /var/log/boot.log


    this is my /etc/syslog.conf

    Danish


  15. Re: how to enable iptables from CLI

    On Mon, 10 Apr 2006 01:19:57 -0700, linuxadmin wrote:

    > Newsbox wrote:
    >> On Sun, 09 Apr 2006 00:32:11 +0000, John wrote:
    >>
    >> > On Sat, 08 Apr 2006 17:02:39 -0400, Newsbox wrote:
    >> >
    >> >> On Sat, 08 Apr 2006 16:47:35 -0400, Carlos Moreno wrote:
    >> >>
    >> >>> -- maybe it is the logins and failed
    >> >>> login attempts that get logged to secure, and everything else to
    >> >>> messages?
    >> >>
    >> >> That seems to describe what I see.
    >> >
    >> > man syslog.conf - /etc/syslog.conf on my system.

    >>
    >> Thank you John, again. And best wishes.

    >
    > # Log anything (except mail) of level info or higher. # Don't log
    > private authentication messages!
    > *.info;mail.none;authpriv.none;cron.none /var/log/messages
    >
    > /home/danish/logger
    >
    > # The authpriv file has restricted access. authpriv.*
    > /var/log/secure
    >
    > # Log all the mail messages in one place. mail.*
    > -/var/log/maillog
    >
    >
    > # Log cron stuff
    > cron.* /var/log/cron
    >
    > # Everybody gets emergency messages
    > *.emerg *
    >
    > # Save news errors of level crit and higher in a special file.
    > uucp,news.crit
    > /var/log/spooler
    >
    > # Save boot messages also to boot.log local7.*
    > /var/log/boot.log
    >
    >
    > this is my /etc/syslog.conf
    >
    > Danish


    Hi,
    This is almost identical to the same file on my disk, except for a couple
    of things:

    1. Sending things through the news server often messes up the formatting
    of the original message, and appears to have done that this time. That
    doesn't matter much for ordinary narrative text, but format is usually
    important in a .conf file. It's pretty obvious that most of the
    differences are just the wrapping of the ends of long lines after tabs by
    the news server and/or local clients. But just to mention from my docs
    that:

    This release of syslogd is able to understand an extended syntax. One
    rule can be divided into several lines if the leading line is
    terminated with an backslash (''\'').


    2. My file doesn't have the part (surprise-not) "/home/danish/logger".

    3. From reading, I would expect the correct syntax for these lines
    (without the unintended wrapping, though) to look like this (if I
    understand your intention correctly):

    =================

    # Log anything (except mail) of level info or higher.

    # Don't log private authentication messages!

    *.info;mail.none;authpriv.none;cron.none /var/log/messages

    *.info;mail.none;authpriv.none;cron.none /home/danish/logger

    =================

    (That was intended to be four lines.)

    4. From reading, I expect that the syslogd needs to be reinitialized
    before any changes to syslog.conf take effect. Maybe something like
    this(?):

    kill -SIGNAL ‘cat /var/run/syslogd.pid‘

    -- except with "-SIGNAL" replaced with "SIGHUP"

    So please tell me, does it work (ie. Does it log your firewall hits to
    both /var/log/messages and /home/danish/logger ? Is that what you
    intended ?)

    Thanks, and best wishes.

  16. Re: how to enable iptables from CLI

    On Mon, 10 Apr 2006 12:18:00 -0400, Newsbox wrote:

    Just a note about the "punctuation marks". Different font faces render
    differently, and some things that look alike or almost alike might be
    insignificant in normal narrative text, but can be important to the "bash"
    shell interpreter. I _think_ IIRC, the single quotes in the line below
    might be either or both of two different characters:

    ` is the lc key to the left of "1" along the top of the keyboard

    ' is the lc key right of the ";"

    I don't want to mess around too much right now to be sure. But if you
    have trouble with it post back and I'm sure someone will help. ...Could
    be a real bump in the road for anyone who wasn't aware. (OTOH, I might be
    all wrong about this.)

    >
    > kill -SIGNAL ‘cat /var/run/syslogd.pid‘
    >
    > -- except with "-SIGNAL" replaced with "SIGHUP"
    >



  17. Re: how to enable iptables from CLI

    Newsbox wrote:
    > On Mon, 10 Apr 2006 12:18:00 -0400, Newsbox wrote:
    >
    > Just a note about the "punctuation marks". Different font faces render
    > differently, and some things that look alike or almost alike might be
    > insignificant in normal narrative text, but can be important to the "bash"
    > shell interpreter. I _think_ IIRC, the single quotes in the line below
    > might be either or both of two different characters:
    >
    > ` is the lc key to the left of "1" along the top of the keyboard
    >
    > ' is the lc key right of the ";"
    >
    > I don't want to mess around too much right now to be sure. But if you
    > have trouble with it post back and I'm sure someone will help. ...Could
    > be a real bump in the road for anyone who wasn't aware. (OTOH, I might be
    > all wrong about this.)
    >
    > >
    > > kill -SIGNAL 'cat /var/run/syslogd.pid'
    > >
    > > -- except with "-SIGNAL" replaced with "SIGHUP"
    > >


    You know what, thank you for helping me out so much. Becasue had it not
    been you I would never have found out this error.....

    ......Starting system logger: syslogd: error while loading shared
    libraries: /lib/ld-linux.so.2: cannot apply additional memory
    protection after relocation: Permission denied........

    This happened when I noticed that no new log messages were coming into
    /var/log/messages. So I did /etc/init.d/syslog restart.. but then I got
    the above error....but still the kernel logger starts..

    # /etc/init.d/syslog restart
    Shutting down kernel logger: [ OK ]
    Shutting down system logger: [FAILED]
    Starting system logger: syslogd: error while loading shared libraries:
    /lib/ld-linux.so.2: cannot apply additional memory protection after
    relocation: Permission denied [FAILED]
    Starting kernel logger: [ OK ]
    ...........

    Below is the original /etc/syslog.cof file on my home system which has
    the problem..

    # Log anything (except mail) of level info or higher.
    # Don't log private authentication messages!
    *.info;mail.none;authpriv.none;cron.none /var/log/messages

    # The authpriv file has restricted access.
    authpriv.* /var/log/secure

    # Log all the mail messages in one place.
    mail.* - /var/log/maillog


    # Log cron stuff
    cron.* /var/log/cron

    # Everybody gets emergency messages
    *.emerg *

    # Save news errors of level crit and higher in a special file.
    uucp,news.crit /var/log/spooler

    # Save boot messages also to boot.log
    local7.* /var/log/boot.log


    Thanks
    Danish


  18. Re: how to enable iptables from CLI


    linuxadmin wrote:
    > Newsbox wrote:
    > > On Mon, 10 Apr 2006 12:18:00 -0400, Newsbox wrote:
    > >
    > > Just a note about the "punctuation marks". Different font faces render
    > > differently, and some things that look alike or almost alike might be
    > > insignificant in normal narrative text, but can be important to the "bash"
    > > shell interpreter. I _think_ IIRC, the single quotes in the line below
    > > might be either or both of two different characters:
    > >
    > > ` is the lc key to the left of "1" along the top of the keyboard
    > >
    > > ' is the lc key right of the ";"
    > >
    > > I don't want to mess around too much right now to be sure. But if you
    > > have trouble with it post back and I'm sure someone will help. ...Could
    > > be a real bump in the road for anyone who wasn't aware. (OTOH, I might be
    > > all wrong about this.)
    > >
    > > >
    > > > kill -SIGNAL 'cat /var/run/syslogd.pid'
    > > >
    > > > -- except with "-SIGNAL" replaced with "SIGHUP"
    > > >

    >
    > You know what, thank you for helping me out so much. Becasue had it not
    > been you I would never have found out this error.....
    >
    > .....Starting system logger: syslogd: error while loading shared
    > libraries: /lib/ld-linux.so.2: cannot apply additional memory
    > protection after relocation: Permission denied........
    >
    > This happened when I noticed that no new log messages were coming into
    > /var/log/messages. So I did /etc/init.d/syslog restart.. but then I got
    > the above error....but still the kernel logger starts..
    >
    > # /etc/init.d/syslog restart
    > Shutting down kernel logger: [ OK ]
    > Shutting down system logger: [FAILED]
    > Starting system logger: syslogd: error while loading shared libraries:
    > /lib/ld-linux.so.2: cannot apply additional memory protection after
    > relocation: Permission denied [FAILED]
    > Starting kernel logger: [ OK ]
    > ..........
    >
    > Below is the original /etc/syslog.cof file on my home system which has
    > the problem..
    >
    > # Log anything (except mail) of level info or higher.
    > # Don't log private authentication messages!
    > *.info;mail.none;authpriv.none;cron.none /var/log/messages
    >
    > # The authpriv file has restricted access.
    > authpriv.* /var/log/secure
    >
    > # Log all the mail messages in one place.
    > mail.* - /var/log/maillog
    >
    >
    > # Log cron stuff
    > cron.* /var/log/cron
    >
    > # Everybody gets emergency messages
    > *.emerg *
    >
    > # Save news errors of level crit and higher in a special file.
    > uucp,news.crit /var/log/spooler
    >
    > # Save boot messages also to boot.log
    > local7.* /var/log/boot.log
    >
    >
    > Thanks
    > Danish

    One more thing. I also found out there was no /lib/ld-linux-so..2 in
    the /lib sirectory

    Danish


  19. Re: how to enable iptables from CLI

    On Tue, 11 Apr 2006 23:44:27 -0700, linuxadmin wrote:

    > Newsbox wrote:
    >> On Mon, 10 Apr 2006 12:18:00 -0400, Newsbox wrote:
    >>
    >> Just a note about the "punctuation marks". Different font faces render
    >> differently, and some things that look alike or almost alike might be
    >> insignificant in normal narrative text, but can be important to the "bash"
    >> shell interpreter. I _think_ IIRC, the single quotes in the line below
    >> might be either or both of two different characters:
    >>
    >> ` is the lc key to the left of "1" along the top of the keyboard
    >>
    >> ' is the lc key right of the ";"
    >>
    >> I don't want to mess around too much right now to be sure. But if you
    >> have trouble with it post back and I'm sure someone will help. ...Could
    >> be a real bump in the road for anyone who wasn't aware. (OTOH, I might be
    >> all wrong about this.)
    >>
    >> >
    >> > kill -SIGNAL 'cat /var/run/syslogd.pid'
    >> >
    >> > -- except with "-SIGNAL" replaced with "SIGHUP"
    >> >

    >
    > You know what, thank you for helping me out so much. Becasue had it not
    > been you I would never have found out this error.....
    >
    > .....Starting system logger: syslogd: error while loading shared
    > libraries: /lib/ld-linux.so.2: cannot apply additional memory
    > protection after relocation: Permission denied........
    >
    > This happened when I noticed that no new log messages were coming into
    > /var/log/messages. So I did /etc/init.d/syslog restart.. but then I got
    > the above error....but still the kernel logger starts..
    >
    > # /etc/init.d/syslog restart
    > Shutting down kernel logger: [ OK ]
    > Shutting down system logger: [FAILED]
    > Starting system logger: syslogd: error while loading shared libraries:
    > /lib/ld-linux.so.2: cannot apply additional memory protection after
    > relocation: Permission denied [FAILED]
    > Starting kernel logger: [ OK ]
    > ..........
    >


    That original instruction came directly out of the man page

    man syslogd

    >
    > Thanks
    > Danish


    Glad to know that you were able get through that ok. Thanks for letting
    us know how it worked !!

  20. Re: how to enable iptables from CLI


    Newsbox wrote:
    > On Tue, 11 Apr 2006 23:48:09 -0700, linuxadmin wrote:
    >
    > [...]
    > >
    > >> Starting system logger: syslogd: error while loading shared libraries:
    > >> /lib/ld-linux.so.2: cannot apply additional memory protection after
    > >> relocation: Permission denied [FAILED]
    > >> Starting kernel logger: [ OK ]

    > [...]
    > >> Thanks
    > >> Danish

    > > One more thing. I also found out there was no /lib/ld-linux-so..2 in
    > > the /lib sirectory
    > >
    > > Danish

    >
    > /lib/ld-linux.so.2
    > /lib/ld-linux-so..2
    >
    > ... are not the same. If you want to find the file you have to use the
    > exact, letter perfect name. Try copy and paste; - it's very easy in Linux:
    >
    > Highlight the part you want to copy (with the mouse) right in your
    > newsreader (or terminal) display. Then place the mouse cursor where you
    > want to paste this and click with the middle button. That's how I copied
    > and pasted the two lines from different parts of your message.
    >
    > Try copying this line that way into a CLI and enter it:
    >
    > ls -l /lib/ld-linux.so.2
    >
    > When I do that, this is what I get:
    >
    > $ ls -l /lib/ld-linux.so.2
    > lrwxrwxrwx 1 root root 9 Mar 17 17:06 /lib/ld-linux.so.2 -> ld-2.4.so
    > $
    >
    > HTH
    >
    > Best wishes.


    I apologise for not being correct. The library is
    ld-linux.so.2..

    Thanks
    Danish


+ Reply to Thread
Page 1 of 2 1 2 LastLast