Re: 2.1.x series with IP-Masqing

To: Steve Lamb <morpheus@teleute.ml.org>
Cc: Debian-user <debian-user@lists.debian.org>
Subject: Re: 2.1.x series with IP-Masqing
From: Nikolai Andreyevich Luzan <nikolai@Ukraine.humbug.org.au>
Date: Sun, 18 Oct 1998 16:16:11 +1000 (EST)
Message-id: <[🔎] Pine.LNX.3.96.981018161208.4139R-100000@Ukraine.humbug.org.au>
In-reply-to: <[🔎] E0zUiuc-000042-00@teleute.ml.org>

On Sat, 17 Oct 1998, Steve Lamb wrote:

>     Just a warning to anyone who is considering using the 2.1.x series since
> 2.2 is rumoured (I stress that word highly) to be out soon.  If you use
> IP-Masqing it appears that the 2.1.x kernels break ipfwadm.  With a broken
> ipfwadm it isn't possible to add/remove IP-Masqing rules like "normal." 
> There may have been another way, but I did this on my production machine
> (silly, I know) and just simply reverted back to my 2.0.x series kernel.
It's not so much that ipfwadm breaks with 2.1.102+ kernels as that the 
network firewall ing code (which was orrigionally 'borrowed' from BSD) 
has been completely re-written. This means that you will need to use
the ipchains package (not yet debianised) to do firewalling/masq'ing.
For those interested, and remember that when we go 2.2.0 you'll have
no choice, the ipchains homepage is at
http://www.adelaide.net.au/~rustcorp/ipfwchains/ipfwchains.html


Nikolai

Reply to:

Follow-Ups:
- Re: 2.1.x series with IP-Masqing
  - From: Manoj Srivastava <srivasta@datasync.com>

References:
- 2.1.x series with IP-Masqing
  - From: "Steve Lamb" <morpheus@teleute.ml.org>

Prev by Date: Re: Sendmail misconfigured?
Next by Date: bash without -O2
Previous by thread: Re: 2.1.x series with IP-Masqing
Next by thread: Re: 2.1.x series with IP-Masqing
Index(es):
- Date
- Thread