[OT] iptables kernel dependency Re: RFC: denyhosts

To: debian-mentors@lists.debian.org
Subject: [OT] iptables kernel dependency Re: RFC: denyhosts
From: Justin Pryzby <justinpryzby@users.sourceforge.net>
Date: Mon, 16 Jan 2006 16:53:45 -0500
Message-id: <[🔎] 20060116215345.GA10532@andromeda>
In-reply-to: <[🔎] 863bjnvp6i.fsf@alhambra.kuesterei.ch>
References: <[🔎] 20060116192425.68e04f93@localhost.localdomain> <[🔎] 20060116184812.GE32091@ngolde.de> <[🔎] 20060116195958.2fd34277@localhost.localdomain> <[🔎] 20060116192940.GB17245@ngolde.de> <[🔎] 863bjnvp6i.fsf@alhambra.kuesterei.ch>

On Mon, Jan 16, 2006 at 10:27:33PM +0100, Frank K?ster wrote:
> Nico Golde <nico@ngolde.de> wrote:
> 
> > Yes and I think its alot better than adding a bunch of ips 
> > to /etc/hosts.deny.
> > And iptables is only a dependency like any other...
> 
> I have no understanding of what a packetfilter firewall actually does,
> and therefore I won't install one.  On the other hand, it's easy (for
> me) to understand how hosts.deny works.
> 
> Furthermore, AFAIK iptables isn't a dependency, but rather a
> configuration option when compiling the kernel - then it is *not* a
> dependency like any other.
Well, it is both.  /sbin/iptables manipulates the kernel (how it
communicates, I don't know).  It will probably barf if there's not
kernel support.  OTOH Debian kernels will have this enabled as a
module.

-- 
Clear skies,
Justin

Reply to:

References:
- RFC: denyhosts
  - From: Marco Bertorello <marco@bertorello.ns0.it>
- Re: RFC: denyhosts
  - From: Nico Golde <nico@ngolde.de>
- Re: RFC: denyhosts
  - From: Marco Bertorello <marco@bertorello.ns0.it>
- Re: RFC: denyhosts
  - From: Nico Golde <nico@ngolde.de>
- Re: RFC: denyhosts
  - From: Frank Küster <frank@debian.org>

Prev by Date: Custom Debian Installer
Next by Date: Re: Custom Debian Installer
Previous by thread: Re: RFC: denyhosts
Next by thread: Re: RFC: denyhosts
Index(es):
- Date
- Thread