Re: where the people are using iptables
On Fri, 7 May 2004, David Fokkema wrote:
> On Thu, May 06, 2004 at 09:40:25AM +0200, Yasar Arman wrote:
> >
> >
> > On Wed, 5 May 2004, David Fokkema wrote:
> >
> > >
> > > Basically, this means that every linux based firewall, whether it be
> > > graphical point-and-click interfaces, or script generating firewalls or
> > > whatever, they all use iptables to install their rules into the kernel.
> > >
> >
> > Thats not true. There are some closed-source Firewalls out there (e.g.
> > Checkpoint FW-1) which have their own filters.
>
> I had no idea. Then these must be hacking into the kernel, right?
>
not necessarily.
The kernel has some hooks to get the network data before they are
delivered to the higher protocol levels.
AFAIR you can use iptables/netfilter along with checkpoint fw-1, but this
could end up in unpredictable results.
regards,
yasar
Reply to: