[ale] ipchains in 2.4.13

Matt Kern lightcap at telocity.com
Wed Jan 23 15:52:46 EST 2002 



-----Original Message-----
From: James P. Kinney III [mailto:jkinney at localnetsolutions.com] 
To: ale at ale.org
Sent: Wednesday, January 23, 2002 3:30 PM
To: cfowler at outpostsentinel.com
Cc: Atlanta Linux User Group (E-mail)
Subject: Re: [ale] ipchains in 2.4.13

Avoid setting up new uses of ipchains. It's no longer under development
as it has been replaced with iptables. It was replaced because of
several fundamental design flaws. iptables is HIGHLY recommended. The
only reason to keep using ipchains is if the kernel won't support
iptables. As iptables has been backported to 2.2 kernels for quite a
while now, there is no excuse at all other than stubborness. 

[Matt Kern] 
What about if you need to vpn?  I haven't seen a patch to allow vpn yet
(like ip_masq_pptp or ip_masq_ipsec)...or is it just plain not needed?
That's all that's held me back...


Once the
(small) relearning curve is over, the rewards of easier maintainence of
firewall rules, as well as capabilities that did not exist in ipchains,
will be appreciated.

On Wed, 2002-01-23 at 10:41, Chris Fowler wrote:
> I want to use ipchains in 2.4.13.   I'm compiling my own kernel to
support this.  I do not want iptables support.  Below are my simple
rules
> 
> #create chains
> /sbin/ipchains  -N user_msq
> /sbin/ipchains  -A user_msq -s 0/0 -d 0/0 -j MASQ
> 
> #forward packets
> /sbin/ipchains  -A forward -s 192.168.1.0/24 -d 0/0 -i eth1 -j
user_msq
> 
> #load modules
> /sbin/insmod    ip_masq_cuseeme
> /sbin/insmod    ip_masq_irc
> /sbin/insmod    ip_masq_raudio
> /sbin/insmod    ip_masq_vdolive
> /sbin/insmod    ip_masq_ftp
> /sbin/insmod    ip_masq_quake
> 
> 
> 
> I have compiled support for ipchains.  Is that all I need to be able
to apply rules and apply masq rules?  
> 
> Thanks,
> Chris
> 
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems
should be 
> sent to listmaster at ale dot org.
> 
-- 
James P. Kinney III   \Changing the mobile computing world/
President and COO      \          one Linux user         /
Local Net Solutions,LLC \           at a time.          /
770-493-8244             \.___________________________./

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 




---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list