Red Hat 7.0 had never been quite as stable as bedrock for me, and so the arrival of RH 7.2 seemed like a lifesaver, especially with the new 2.4 kernel, iptables instead of ipchains, KDE 2.2 instead of the horrible KDE2.0 beta version that my system had been limping around (and crashing) with. I also decided to bravely go for GRUB (it's prettier than LILO) and the ext3 filesystem. The upgrade process itself was very pain-free and it seemed intelligent enough to upgrade all the installed packages automatically. Definitely a far cry from the old days. I hardly had to do anything except wait for my hard drive to crunch and grind for 30-45 minutes -- just the perfect amount of time to make a cup of hot chocolate and enjoy a few Chopin etudes!
Where did my ipchains
RH 7.2 does not get rid of ipchains and replace it with iptables/netfilter, although it installs the latter. ipchains is still started up when you boot into your new kernel. To use iptables at all, you need to disable ipchains from starting up the next time you boot up your system, because iptables and ipchains do not run together.
HOW-TO by Rusty Russell
ipchains HOW-TO by Rusty Russell
The Netfilter homepage
If you don't know what ipchains or iptables are, well simply put, they're firewalls for Linux. If you don't know what a firewall is, please whatever you do, don't put your Linux system online. Check out SANS and the Honeynet project to discover the grisly details of what some disgruntled teenager can do to your computer when you're not looking (and sometimes even when you are).
I used Firestarter as a convenient graphical script for configuring my old ipchains firewall. However, when I tried running Firestarter again with the new iptables, it kept crashing with a Gnome segmentation fault. Actually this is misleading - the trouble is actually to do with the old Firestarter configuration files. This is probably somewhere in /etc/firestarter or some such place. Get rid of all the files in that directory and now Firestarter should work. Note: reinstalling the Firestarter binary from the RPM will not work! Not even installing a binary version of a new Firestarter RPM will help. Before I realised the problem was with the configuration files, I just gave up and recompiled Firestarter from the source tarball. And then it finally worked. "If all else fails, just recompile from source". Firestarter then seems to work a treat with iptables, just as it did with ipchains.
You might want to run a nessus scan against your own machine just to test the firewall. Better still, get a (trusted) friend to run it against your machine, from outside your network.
Fixed Width Fonts Problem
in KDE 2
Now KDE 2 looks super, all nice and snazzy even though I find the default screens somewhat off-putting and overly chunky. Aesthetics still need improving - some more graphic artists need to volunteer their time for the KDE project. However, some of you may have noticed that the default system fonts in KDE look rather like the basic Courier or the old Typewriter font that really mar the otherwise slick interface. I tried to change this in the KDE Control Center, but surprise, surprise, it kept defaulting to this horrible font! This probably happens more often than RedHat/KDE would have you believe - I installed this in a Twinhead laptop and got the same problem.
The Paranoid Penguin Says: "And whatever you do, do not forget to check the Red Hat 7.2 Errata Page at least once a week!"
Back to Artemis's Linux Page