Red Hat 7.0 had never been quite as stable as bedrock for me, and so the arrival of RH 7.2 seemed like a lifesaver, especially with the new 2.4 kernel, iptables instead of ipchains, KDE 2.2 instead of the horrible KDE2.0 beta version that my system had been limping around (and crashing) with. I also decided to bravely go for GRUB (it's prettier than LILO) and the ext3 filesystem. The upgrade process itself was very pain-free and it seemed intelligent enough to upgrade all the installed packages automatically. Definitely a far cry from the old days. I hardly had to do anything except wait for my hard drive to crunch and grind for 30-45 minutes -- just the perfect amount of time to make a cup of hot chocolate and enjoy a few Chopin etudes!
Where did my ipchains
go?
RH 7.2 does not get rid of ipchains and replace it with iptables/netfilter,
although it installs the latter. ipchains is still started up when you boot
into your new kernel. To use iptables at all, you need to disable ipchains from
starting up the next time you boot up your system, because iptables and ipchains
do not run together.
iptables
HOW-TO by Rusty Russell
ipchains HOW-TO by Rusty Russell
The Netfilter homepage
If you don't know what ipchains or iptables are, well simply put, they're firewalls
for Linux. If you don't know what a firewall is, please whatever you do, don't
put your Linux system online. Check out SANS
and the Honeynet project to discover
the grisly details of what some disgruntled teenager can do to your computer
when you're not looking (and sometimes even when you are).
Firestarter crashes
and burns!
I used Firestarter as a convenient
graphical script for configuring my old ipchains firewall. However, when I tried
running Firestarter again with the new iptables, it kept crashing with a Gnome
segmentation fault. Actually this is misleading - the trouble is actually to
do with the old Firestarter configuration files. This is probably somewhere
in /etc/firestarter or some such place. Get rid of all the files in that directory
and now Firestarter should work. Note: reinstalling the Firestarter binary from
the RPM will not work! Not even installing a binary version of a new Firestarter
RPM will help. Before I realised the problem was with the configuration files,
I just gave up and recompiled Firestarter from the source tarball. And then
it finally worked. "If all else fails, just recompile from source".
Firestarter then seems to work a treat with iptables, just as it did with ipchains.
You might want to run a nessus scan against your own machine just to test the firewall. Better still, get a (trusted) friend to run it against your machine, from outside your network.
Fixed Width Fonts Problem
in KDE 2
Now KDE 2 looks super, all nice and snazzy even though I find the default screens
somewhat off-putting and overly chunky. Aesthetics still need improving - some
more graphic artists need to volunteer their time for the KDE
project. However, some of you may have noticed that the default system fonts
in KDE look rather like the basic Courier or the old Typewriter font that really
mar the otherwise slick interface. I tried to change this in the KDE Control
Center, but surprise, surprise, it kept defaulting to this horrible font! This
probably happens more often than RedHat/KDE would have you believe - I installed
this in a Twinhead laptop and got the same problem.
The Paranoid Penguin Says: "And whatever you do, do not forget to check the Red Hat 7.2 Errata Page at least once a week!"
Back to Artemis's Linux Page