[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ipchains X ipfw compatibility

On Wed, 26 Apr 2000, Ivan J. Varzinczak wrote:

> Hello, everybody!
> 	I'm translating a set of firewall rules from a BSD-Unix that
> uses ipfw to ipchains in linux 2.2.14.
> 	I have a rule that states the following:
> 	/sbin/ipfw add 1051 pass tcp from any to any established
> and I don't know how to translate this to ipchains, because of the
> option "established".
> 	May anyone give me any sugestions, please?
> Thanks in advance!
I think BSD-Unix uses a state firewall. On linux 2.3.99, netfilter knows
 how to take actions based on the state of a
packet(NEW,ESTABLISHED,RELATED,INVALID). An example is given in its howto on 
http://netfilter.kernelnotes.org. I suggest you read it, and if you like
it, try it, but remember, it only works on a development kernel.

Reply to: