Re: [tlug] Is having no "iptables" bad?

[Dave M G <martin@example.com>]

Stephen,

Thank you for responding.

> No.  Appearances to the contrary...

"It's a waste of your time" certainly seemed contrary. But, if you say:

> everybody is in agreement that that is the right plan.

Then I'll take it on faith that the term "waste of time" is more 
flexible than I first thought.

I guess I'll stick with my original plan, then.

My only issue right now is that I'm not sure I've selected the right 
ip_tables/netfilter options, and they certainly don't seem to be 
activated. My firewall still complains of no iptables.

What I've found in xconfig is:
Networking | Network packet filtering (replaces ipchains) | Core 
Netfilter Configuration | Netfilter Xtables support (required for ip_tables)

Under that branch, is a whole list of options, such as:
"CLASSIFY" target support
"MARK" target support
"NFQUEUE" target support

... and so on. All told there are 23 options. Do I need them all?

I tried selecting them all, and to compile them as modules, I ran "sudo 
make modules modules_install". But it returned an error:

make: *** No rule to make target `modules'.  Stop.

Am I enabling the right modules?

What do I do to get them to actually be in effect?

--
Dave M G