Re: where the people are using iptables
On Fri, 7 May 2004, David Fokkema wrote:
> On Thu, May 06, 2004 at 09:40:25AM +0200, Yasar Arman wrote:
> > On Wed, 5 May 2004, David Fokkema wrote:
> > >
> > > Basically, this means that every linux based firewall, whether it be
> > > graphical point-and-click interfaces, or script generating firewalls or
> > > whatever, they all use iptables to install their rules into the kernel.
> > >
> > Thats not true. There are some closed-source Firewalls out there (e.g.
> > Checkpoint FW-1) which have their own filters.
> I had no idea. Then these must be hacking into the kernel, right?
The kernel has some hooks to get the network data before they are
delivered to the higher protocol levels.
AFAIR you can use iptables/netfilter along with checkpoint fw-1, but this
could end up in unpredictable results.