Not registered ? Sign Up!
IceWalkers.com - Linux Software downloads and news
Name : Password :
Forgot your password?
Linux SoftwareLinux RPMLinux HowtosLink UsAboutAdvertise
What's new? | Linux Software | Linux RPM Database | Linux Howtos | Add Software |
Take our Quick Survey and enter a drawing for a chance to win a $100 VISA Gift Card.

Linux IPCHAINS HOWTO

Search Howtos :Match :
Howtos Index
Next Previous Contents

1. Introduction

This is the Linux IPCHAINS-HOWTO; see Where? for the master site, which contains the latest copy. You should read the Linux NET-3-HOWTO as well. The IP-Masquerading HOWTO, the PPP-HOWTO, the Ethernet-HOWTO and the Firewall HOWTO might make interesting reading. (Then again, so might the alt.fan.bigfoot FAQ).

If packet filtering is passe to you, read Section Why?, Section How?, and scan through the titles in Section IP Firewalling Chains.

If you are converting from ipfwadm, read Section Introduction, Section How?, and Appendices in section Differences between ipchains and ipfwadm and section Using the `ipfwadm-wrapper' script.

1.1 What?

Linux ipchains is a rewrite of the Linux IPv4 firewalling code (which was mainly stolen from BSD) and a rewrite of ipfwadm, which was a rewrite of BSD's ipfw, I believe. It is required to administer the IP packet filters in Linux kernel versions 2.1.102 and above.

1.2 Why?

The older Linux firewalling code doesn't deal with fragments, has 32-bit counters (on Intel at least), doesn't allow specification of protocols other than TCP, UDP or ICMP, can't make large changes atomically, can't specify inverse rules, has some quirks, and can be tough to manage (making it prone to user error).

1.3 How?

Currently the code is in the mainstream kernel from 2.1.102. For the 2.0 kernel series, you will need to download a kernel patch from the web page. If your 2.0 kernel is more recent than the supplied patch, the older patch should be OK; this part of the 2.0 kernels is fairly stable (eg. the 2.0.34 kernel patch works just fine on the 2.0.35 kernel). Since the 2.0 patch is incompatible with the ipportfw and ipautofw patches, I don't recommend applying it unless you really need some functionality that ipchains offers.

1.4 Where?

The official page is in three places: Thanks to Penguin Computing Thanks to the SAMBA Team Thanks to Jim Pick

There is a mailing list for bug reports, discussion, development and usage. Join the mailing list by sending a message containing the word ``subscribe ipchains-list'' to subscribe at east.balius.com. To mail to everyone on the list use ipchains-list at east.balius.com.

Next Previous Contents
Search Howtos :Match :
Howtos Index
Linux Kernel 2.4 2.4.37.7
Linux Kernel
JEdit 4.3pre18
Programmers text editor
ImageMagick 6.5.7.5
ImageMagick image processing studio
Krusader 2.1.0-beta1
Twin-Panel filemanager for KDE3
LilyPond 2.13.7
Music typesetter.
KDevelop 4.0 beta6
Integrated Development Environment for Unix/X11
KDE 4.3.3
Powerful Open Source graphical desktop environment.
WebGUI 7.7.25
A fully featured content management system.
SimplyMEPIS 8.0.12
Run the Linux operating system from your CD or DVD drive
Fedora 12 rc1
Community-supported open source distribution
Free IT Magazines, White Papers, eBooks, and more !
Oracle Magazine

Contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more.
Vulnerability Management for Dummies

Get all the Facts and See How to Implement a Successful Vulnerability Management Program.
Website Magazine

Has tapped premier talent in the Internet industry for our content and each and every issue will contain practical advice and insights for website owners.

Linux Software Map
Find Linux RPM
Best Rated Linux Software
Most Rated Linux Software
Linux Distributions
Linux Howtos
Quick Survey

Please take our survey and help us improve our website to serve you better.

Thank you.
Linux Software
Linux / IT Resources
Site Resources
Google
Privacy Policy
Contact Us
Submit Software
Advertising info