Re: [tlug] Ipchains/Iptables

["Scott McLennan" <scottmclennan@example.com>]

Ah. Interesting. So it can't have 2 hey?!
Terrific.The fog is clear out of my mind.

Thanks a lot,

Scott numero dos.. ;-0)
{Oyasumi/bonsoir/wan an/Gutten nacht}



>
> > Hey Scott.
> > (what a great name! )
>
> Yes, I think so. :)
> >
> > That's good. Thanks a lot. When you run iptables, do you
> > need this thing called netfilter? Can you run iptables by
> > calling it from within /etc/rc.d/rc.local just as you do with
> > ipchains.
>
>
> Ok, the only distro where I've dealt with both is RH.  They can't be run
> together--both, in the default kernel are modules so first you'd do rmmod
> ipchains then insmod iptables. I usually, regardless of distro, download
and
> install a new kernel quickly, and always put in netfilter--again, I'm in
MS
> today, and rushed, so I don't have time to go and look--I ~think~ and hope
> someone can either confirm or correct, that netfilter is necessary for
> iptables.
>
> Now, if, on RH, you do that rmmod ipchains, insmod iptables, your default
> iptables just accepts everything.
>
> So, you might, using the default ipchains as a guide (by doing
> ipchains -L -v -n see what your current ipchains looks like-- then make an
> iptables script to duplicate it, changing input to INPUT the port number
at
> the end to --dport and the port number and any -y (or is it --y) to --syn.
>
> Then, depending upon your degree of paranoia, disconnect the box from the
> network, do the rmmod and insmod mentioned above and run your script to
make
> sure you haven't made any syntax errors.  When done, it's
> iptables-save >/etc/sysconfig/iptables
>
> The above is for RH.   In Slack you edit  /etc/rc.M, placing the script in
> your default run level and in Gentoo you add it with rc-update--I think
> those are the only ones I've worked with.
> HTH
> Scott
>
>
>
>