gabriel rosenkoetter on Fri, 2 Nov 2001 15:20:16 +0100


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] IPChains Question: HTTP port access


On Fri, Nov 02, 2001 at 07:38:45AM -0500, Timothy Lee Young wrote:
> I've considered IPtables--and I run Red Hat Linux 7.2 so it should be able
> to do it, but don't I have to do things like insmod or enable IP tables in
> the kernel?  I don't quite feel ready to fool around with the kernel on
> this yet, and IPchains is readily available.

Well, you're going to have to turn IP forwarding on if you want to
get packets from one side of your firewall to the other no matter
what. Is that all you meant?

The real reason to use IP Tables over IP Chains is that the former
is a true, stateful firewall that's actually useful in the real
world. The latter is only arguable useful on personal machines and
networks (and I'd argue that a stateful firewall does a better job
there). If nothing else, you might as well learn a useful skill set.

-- 
       ~ g r @ eclipsed.net

Attachment: pgpB6xWC51Z2y.pgp
Description: PGP signature