Re: ipchains X ipfw compatibility
On Wed, 26 Apr 2000, Ivan J. Varzinczak wrote:
> Hello, everybody!
> I'm translating a set of firewall rules from a BSD-Unix that
> uses ipfw to ipchains in linux 2.2.14.
> I have a rule that states the following:
> /sbin/ipfw add 1051 pass tcp from any to any established
> and I don't know how to translate this to ipchains, because of the
> option "established".
> May anyone give me any sugestions, please?
> Thanks in advance!
I think BSD-Unix uses a state firewall. On linux 2.3.99, netfilter knows
how to take actions based on the state of a
packet(NEW,ESTABLISHED,RELATED,INVALID). An example is given in its howto on
http://netfilter.kernelnotes.org. I suggest you read it, and if you like
it, try it, but remember, it only works on a development kernel.