Re: 2.1.x series with IP-Masqing
On Sat, 17 Oct 1998, Steve Lamb wrote:
> Just a warning to anyone who is considering using the 2.1.x series since
> 2.2 is rumoured (I stress that word highly) to be out soon. If you use
> IP-Masqing it appears that the 2.1.x kernels break ipfwadm. With a broken
> ipfwadm it isn't possible to add/remove IP-Masqing rules like "normal."
> There may have been another way, but I did this on my production machine
> (silly, I know) and just simply reverted back to my 2.0.x series kernel.
It's not so much that ipfwadm breaks with 2.1.102+ kernels as that the
network firewall ing code (which was orrigionally 'borrowed' from BSD)
has been completely re-written. This means that you will need to use
the ipchains package (not yet debianised) to do firewalling/masq'ing.
For those interested, and remember that when we go 2.2.0 you'll have
no choice, the ipchains homepage is at
http://www.adelaide.net.au/~rustcorp/ipfwchains/ipfwchains.html
Nikolai
Reply to: