Re: nat ipchains on debian woody
Hola Francisco
Francisco Castillo wrote:
Enrique,
I´m novice on debian, i have decided recently to change from redhat or
mandrake (fatal experiencie in two years), so excuse my ignorance.
First i dont know how to do this step "The first thinng you must do is to
install a kernel with IPTABLES support"
How can I do it ? How can i test if it is on my server?
all stock kernels > 2.4.x have iptables support. if you would
compile one for your needs you must make sure that iptables support
is checked. But for the kernel images you can install with apt this
is true.
perhaps it helps you to test some things with helper scripts. you
can search the available packages with apt-cache search
debian:~# apt-cache search iptables |less
acidlab - Analysis Console for Intrusion Databases
ferm - maintain and setup complicated firewall rules
firewall-easy - Easy to use packet filter firewall (usually zero config)
fwanalog - iptables log-file report generator (using analog)
fwbuilder-iptables - Linux iptables policy compiler for Firewall Builder
fwlogwatch - Firewall log analyzer
ipac-ng - IP Accounting for iptables( kernel >=2.4)
ipmenu - A cursel iptables/iproute2 GUI
kernel-patch-ttl - TTL matching and setting
kernel-patch-ulog - Netfilter userspace logging patch.
knetfilter - A GUI for configuring the 2.4 kernel IP Tables
ulogd - The Userspace Logging Daemon
iptables - Linux kernel 2.4+ iptables administration tools
iptables-dev - development files for iptable's libipq and libiptc
reaim - Enable AIM and MSN file transfer on Linux iptables based NAT
shorewall - Shoreline Firewall (Shorewall)
shorewall-doc - Shoreline Firewall (Shorewall) Documentation
then apt-cache show tells you more on a specific package:
i.e.: apt-cache show shorewall
perhaps you can install this and look how it works. read the
documentation and look at the source
to see what is installed by a package do
dpkg -L shorewall | less
greetings
chris
Reply to: