[NTLUG:Discuss] ipchains versus netfilter

Smitty 76543a at mpinet.net
Wed Apr 25 17:09:59 CDT 2001 

Will Senn wrote:
> 
> Hi again ntluggers,
> 
> I have Redhat 7.1 with the 2.4.2 kernel
> on a Pentium MMX 200 mhz
> 128 MB SDRAM 66mhz
> Diamond Viper V550 16 MB SDRAM
> etc...
> 
> As some of you may have read, I recently attempted to build a 2.4.3 kernel
> and one of the issues that I came across was that after I built the kernel
> and rebooted - I didn't have the necessary processes for ipchains
> apparently.
> This was not surprising in and of itself because I didn't select any options
> related to ipchains in 'make xconfig'.  I didn't select any because to my
> knowledge there aren't any.  The only ipchains entry that I saw was in the
> netfilter options and the help said this was not advisable?

Aha! You did use xconfig!  Ipchains will not be mentioned as an option,
just general firewall enablement options.  Use config and enable
CONFIG_FIREWALL=y CONFIG_IP_FIREWALL=y CONFIG_IP_FIREWALL_NETLINK=y  
> 
> My questions are:
> What is netfilter versus ipchains?

Like ipchains but has stateful packet filtering.
 
> What's up with the dearth of help on setting up netfilter?

It is the new linux firewall and not too many folks know how to use it
yet. 

> I used the ipchains HOWTO and the - Red Hat Linux 6.X as an Internet Gateway
> for a Home Network HOWTO to set up ipchains, but I couldn't find anything
> comparable for netfilter, which is more current?

Netfilter is, also know as iptables.  There should be plenty of material
on iptables available on the internet. 
> What is a good source of information for learning about the configuration
> options in the kernel? (You would think that Redhat would document at
> least a bit of the configuration)
Redhat Linux Secrets by Barkakati.  

> 
> Thanks,
> 
> Will Senn
> Lead Engineer
> Postfuture, Inc.
> voice: 972.889.2226
> fax: 972.235.4162
> mailto:wsenn at postfuture.com
> http://postfuture.com
> 
> =====Privacy and Confidentiality Notice=====
> The information contained in this note is intended
> solely for the recipient(s) addressed herein only and contains
> privileged and confidential information. If you are not an
> intended recipient, you are strictly prohibited from using,
> copying, distributing, or taking any action in reliance on
> such information. If you have received this document in error,
> please notify the author immediately.
> 
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss

More information about the Discuss mailing list