Re: where the people are using iptables

To: debian-firewall@lists.debian.org
Subject: Re: where the people are using iptables
From: Yasar Arman <mailinglistjunkadress-dontspamme@yait.de>
Date: Sun, 9 May 2004 14:25:48 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.58.0405091406430.3789@karla>
In-reply-to: <[🔎] 20040507200004.GA2463@nebula.ileos.home>
References: <[🔎] 1083693686.25511.86.camel@linux.upsa.es> <[🔎] 20040505080754.GA31341@nebula.ileos.home> <[🔎] Pine.LNX.4.58.0405060932340.11808@karla> <[🔎] 20040507200004.GA2463@nebula.ileos.home>

On Fri, 7 May 2004, David Fokkema wrote:

> On Thu, May 06, 2004 at 09:40:25AM +0200, Yasar Arman wrote:
> >
> >
> > On Wed, 5 May 2004, David Fokkema wrote:
> >
> > >
> > > Basically, this means that every linux based firewall, whether it be
> > > graphical point-and-click interfaces, or script generating firewalls or
> > > whatever, they all use iptables to install their rules into the kernel.
> > >
> >
> > Thats not true. There are some closed-source Firewalls out there (e.g.
> > Checkpoint FW-1) which have their own filters.
>
> I had no idea. Then these must be hacking into the kernel, right?
>

not necessarily.

The kernel has some hooks to get the network data before they are
delivered to the higher protocol levels.

AFAIR you can use iptables/netfilter along with checkpoint fw-1, but this
could end up in unpredictable results.

regards,

yasar

Reply to:

References:
- where the people are using iptables
  - From: Ghe Rivero <ghe@upsa.es>
- Re: where the people are using iptables
  - From: David Fokkema <dfokkema@ileos.nl>
- Re: where the people are using iptables
  - From: Yasar Arman <mailinglistjunkadress-dontspamme@yait.de>
- Re: where the people are using iptables
  - From: David Fokkema <dfokkema@ileos.nl>

Prev by Date: Re: ulogd-pcap file format not understood by ethereal
Next by Date: unsubscribe
Previous by thread: Re: where the people are using iptables
Next by thread: Re: where the people are using iptables
Index(es):
- Date
- Thread