[OT] iptables kernel dependency Re: RFC: denyhosts
On Mon, Jan 16, 2006 at 10:27:33PM +0100, Frank K?ster wrote:
> Nico Golde <nico@ngolde.de> wrote:
>
> > Yes and I think its alot better than adding a bunch of ips
> > to /etc/hosts.deny.
> > And iptables is only a dependency like any other...
>
> I have no understanding of what a packetfilter firewall actually does,
> and therefore I won't install one. On the other hand, it's easy (for
> me) to understand how hosts.deny works.
>
> Furthermore, AFAIK iptables isn't a dependency, but rather a
> configuration option when compiling the kernel - then it is *not* a
> dependency like any other.
Well, it is both. /sbin/iptables manipulates the kernel (how it
communicates, I don't know). It will probably barf if there's not
kernel support. OTOH Debian kernels will have this enabled as a
module.
--
Clear skies,
Justin
Reply to: