[tlug] Re: wither ipchains?

["big0" <big0@example.com>]

>   # rmmod iptables
>   # insmod ipchains

This is wroooooooooooong! There is no such thing like iptables or ipchains
kernel modules. Both are just user space programs to work with kernel
rules (netfilter or chains) 


>> Anyone know the latest on ipchains? The official website says that iptables
>> should be used in preference but nothing specifically on compatiblity with
>> kernels.

The netfilter is 2.4.x kernels way to do firewalling/nat. The rules are
managed by iptables program. You need to enable iptables in the kernel
configuration. 

The chains are 2.2.x kernels way. You can continue to use them also with
2.4.x kernels, but need to enable this in your kernel config. 

Exact kernel config options:
CONFIG_NETFILTER=y
CONFIG_IP_NF_IPTABLES=y  <- you can do maybe this like a module, but not a 
big deal. You will stiil need iptables user-mode program
CONFIG_IP_NF_COMPAT_IPCAHINS=y <- for ipchains compatibility
CONFIG_IP_NF_COMPAT_IPFWADM  <- for ipfwadm (kernels 2.0.x firewalling) 

>> 
>> ipchains seems fine with RH7.1 (kernel 2.4.9) but complains bitterly with
>> RH7.3 (kernel 2.4.18) 
>> 
>> ipchains: Incompatible with this kernel
This is typical error if the compatibility is not enabled in the kernel
config. 

 --
ISBN: 0060256575       OpenPGP: 0xBE40FF3E