Re: ipchains or iptables? (was: X version)

To: debian-user@lists.debian.org
Subject: Re: ipchains or iptables? (was: X version)
From: Cam Ellison <cam@ellisonet.ca>
Date: Sat, 1 Jun 2002 07:04:05 -0700
Message-id: <[🔎] 20020601140405.GB31620@dccnet.com>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20020601091013.GA30898@araqnid.ddts.net>
References: <20020530193755.GA4424@uol.com.br> <20020530233939.53b69a6b.afterimage@gmx.net> <20020531205408.GC1508@quiknet.com> <E17Dto2-0000K4-00@smtp01.mrf.mail.rcn.net> <20020531225215.GB2966@quiknet.com> <[🔎] 20020601091013.GA30898@araqnid.ddts.net>

There is no provision that I am aware of in 2.2 kernels for iptables.
You do have to set up packet filtering, etc., when you build your
kernel.  2.4 kernels do allow for ipchains, but you must selet that
option when you build them.  Selecting one (ipchains or iptables)
blocks use of the other, so the presence of iptables directories,
etc. in your woody distribution should have no effect.  It does
nothing in mine but take up space (I'm running woody with 2.4.18 and
using ipchains).  Woody also provides some ipchains scripting that is
not present in potato.  I'd look for that (I'd point you to it, except
that I think I wiped it out, having my own startup script).

Good luck

Cam

* Steve Haslam (araqnid@debian.org) wrote:
> On Fri, May 31, 2002 at 03:52:15PM -0700, Paul E Condon wrote:
> > OK, so I'm really using kernel 2.2.19, but...
> > I have been under the impression that the method of packet filtering/forwarding
> > changed from something called 'ipchains' in 2.2 to something called 'iptables'
> > in 2.4. I see that 'iptables' stuff has been added in various places to my
> > file system, and 'ipchains' stuff seems to have been clobbered. I would like 
> > not to become too involved in network admin, but to fix my system I need to 
> > rebuild some stuff. How can I determine if I should follow recipes for 
> > 'ipchains' or 'iptables' ? ( Or am I truly misinformed? )
> 
> version 2.4 kernels may support ipchains backwards-compatibility. you could
> try running "ipchains -L"  and see if it works. (you can't use both iptables
> and ipchains simultaneously, even with back-compat. enabled).
> 
> Hmm, I belive that ipchains should still be installable-- it's still in
> unstable, and ipmasq will still use it if requested.
> 
> iptables is better though, gives you access to stateful filtering and is
> more extensible. (I was able to fix some MTU breakage between here and work
> with it).
> 
> SRH

-- 
Cam Ellison Ph.D. R.Psych.
From Roberts Creek on B.C.'s incomparable Sunshine Coast
cam@ellisonet.ca
camellison@dccnet.com
cam@fleuryassociates.com

--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- ipchains or iptables? (was: X version)
  - From: Steve Haslam <araqnid@debian.org>

Prev by Date: Re: Linux Gaming
Next by Date: Re: X server setup
Previous by thread: ipchains or iptables? (was: X version)
Next by thread: Re: Debian ports [was: Re: Weirdness in "apt-get upgrade"]
Index(es):
- Date
- Thread