* Steven (stevenschlansker@sbcglobal.net) [030726 09:44]: > > On Saturday, July 26, 2003, at 09:06 AM, Andreas Janssen wrote: > > >Hello > > > >Steven wrote: > > > >>I'm recompiling my kernel - I forgot to add ipchains support last > >>time. > >> The problem is that ipchains isn't listed in the menuconfig stuff. > >>Where do I build it in? I also searched .config for ipchains, but it > >>wasn't found. Thanks for any help. > >>Steven > > > >What kernel do you use? Using menuconfig with 2.4, ipchains is in: > > 2.4.18 > > > > >Main Menu => > >Networking options => > >IP: Netfilter Configuration => > No such option > >ipchains (2.2-style) support > > Should I enable the Network packet filtering? Is this the same thing? > It says that it replaces ipchains... Yes. The 2.4 kernel series infrastructure (called "netfilter") is vastly improved over the old 2.2 stuff. The new tool to manipulate the packet filtering is called iptables, which, while very similar to ipchains, is also improved. If you are not in an urgent situation to get your packet filter up and running yesterday, I'd say it's worth spending some time to learn about the differences in the new system to see how you can probably improve your rule set by making it more powerful and at the same time simpler. ipchains is provided for backwards compatibility, but it's (comparitively) limited. AFAIK, it's just as good as using the old 2.2 kernel for your firewall. Plus, since iptables has been out for so long, I think if you ever need help with your ruleset, you're more likely to find people with day-to-day familiarity with the new system, which would give you greater access to more accurate, better (and more recently) tested advice. good times, Vineet -- http://www.doorstop.net/ -- http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature