Hi, > cool - i'd like to do this until i get a chance to sit down and learn > netfilter. i assume i can simply cd into /usr/src/linux-2.2.17/wherever and > do a modprobe -a ipchains.o? > > what is the appropriate module? If you want to stay with iptables you have to compile a module for your new kernel, but iptables + nat isn't that different, see below... > > > i'd like to learn how to drop packets coming from a particular host -- is > > > there a netfilter howto yet? i didn't see anything on LDP. > > > > There is one on Debiandiary (or a link to one) and there are some ready-made > > iptables scripts. HOWTO: http://netfilter.kernelnotes.org/unreliable-guides/packet-filtering-HOWTO-1.htm I changed to a 2.4-kernel 3 weeks ago. It wasn't too hard to change my ipchains-script to iptables (3-4 hours to rewrite it and get the idea of what is possible now; concerning my more geriatric than vetust brain ...) MH -- (Dr.) Michael Hummel mailto: mh@seitung.net molino@gmx.net -- fprint = F24D EAC6 E3D7 372C 9122 D510 EB24 01CA 0B56 B518 key: http://www.seitung.net/key
Attachment:
pgpdl68YkWWT4.pgp
Description: PGP signature