Linux Online - Linux IPCHAINS-HOWTO: Introduction
Linux IPCHAINS-HOWTO:
IntroductionNext
Previous Contents
1. Introduction
This is the Linux IPCHAINS-HOWTO; see Where?
for the master site, which contains the latest copy. You should read the
Linux NET-3-HOWTO as well. The IP-Masquerading HOWTO, the PPP-HOWTO, the
Ethernet-HOWTO and the Firewall HOWTO might make interesting reading.
(Then again, so might the alt.fan.bigfoot FAQ).
If packet filtering is passe to you, read Section Why?,
Section How?,
and scan through the titles in Section IP
Firewalling Chains.
If you are converting from ipfwadm, read Section Introduction,
Section How?,
and Appendices in section Differences
between ipchains and ipfwadm and section Using
the `ipfwadm-wrapper' script.
1.1 What?
Linux ipchains is a rewrite of the Linux IPv4 firewalling
code (which was mainly stolen from BSD) and a rewrite of
ipfwadm, which was a rewrite of BSD's ipfw, I
believe. It is required to administer the IP packet filters in Linux
kernel versions 2.1.102 and above.
1.2 Why?
The older Linux firewalling code doesn't deal with fragments, has
32-bit counters (on Intel at least), doesn't allow specification of
protocols other than TCP, UDP or ICMP, can't make large changes
atomically, can't specify inverse rules, has some quirks, and can be tough
to manage (making it prone to user error).
1.3 How?
Currently the code is in the mainstream kernel from 2.1.102. For the
2.0 kernel series, you will need to download a kernel patch from the web
page. If your 2.0 kernel is more recent than the supplied patch, the older
patch should be OK; this part of the 2.0 kernels is fairly stable (eg. the
2.0.34 kernel patch works just fine on the 2.0.35 kernel). Since the 2.0
patch is incompatible with the ipportfw and ipautofw patches, I don't
recommend applying it unless you really need some functionality that
ipchains offers.
1.4 Where?
The official page is in three places: Thanks to Penguin
Computing Thanks to
the SAMBA Team Thanks to Jim Pick
There is a mailing list for bug reports, discussion, development and
usage. Join the mailing list by sending a message containing the word
``subscribe ipchains-list'' to subscribe at east.balius.com. To mail to
everyone on the list use ipchains-list at east.balius.com.
Next
Previous Contents
URLWatch: For
notice when this page changes, fill in your email address.
Maintained by: Webmaster, Linux Online Inc.Last
modified: 05-Jul-2000 12:52PM.Views since 16-Aug-2000: 1794.
Material copyright Linux
Documentation Project.Design and compilation copyright ©1994-2000
Linux Online
Inc.URLWatch provided by URLWatch Services.Internet services provided by AiNET.All rights
reserved.
Wyszukiwarka
Podobne podstrony:
Linux IPCHAINS HOWTO IntroductionLinux Online Linux IPCHAINS HOWTO Packet Filtering BasicsLinux Online Linux IPCHAINS HOWTO Appendix Differences between ipchains and ipfwadmLinux Online Linux IPCHAINS HOWTO Appendix Using the ipfwadm wrapper scriptLinux Online Linux IPCHAINS HOWTO IP Firewalling ChainsLinux Online Linux IPCHAINS HOWTO Appendix ThanksLinux Online Linux IPCHAINS HOWTOLinux Online Linux IPCHAINS HOWTO Common ProblemsLinux Online Linux IPCHAINS HOWTO I m confused! Routing, masquerading, portforwarding, ipautofwLinux IPCHAINS HOWTO Appendix Differences between ipchains and ipfwadmLinux IPCHAINS HOWTO I m confused! Routing, masquerading, portforwarding, ipautofwLinux IPCHAINS HOWTO MiscellaneousLinux IPCHAINS HOWTOLinux IPCHAINS HOWTO A Serious ExampleLinux IPCHAINS HOWTO Packet Filtering BasicsLinux IPCHAINS HOWTO Appendix Using the ipfwadm wrapper scriptLinux IPCHAINS HOWTOLinux IPCHAINS HOWTO Common Problemswięcej podobnych podstron