[TriLUG] iptables/ipchains (WAS: Security woes)

[Vestal, Roy L.]

Argh!! I don't have ipchains or iptables setup. I don't mind learning
either, but I don't know where to start and what to look for on this
problem.

Again, I just want to allow telnet, ftp, and vnc into the box from behind
our firewall, not from "the outside world". I didn't install this machine
with a firewall (RHL7.2 with "no firewall" option during setup.)

-----Original Message-----
From: Tanner Lovelace [mailto:lovelace at wayfarer.org]
Sent: Thursday, January 17, 2002 4:46 PM
To: trilug at trilug.org
Subject: RE: [TriLUG] iptables/ipchains (WAS: Security woes)


On Thu, 2002-01-17 at 16:37, Vestal, Roy L. wrote:
> Okey. I started poking around and found this:
> 
> >service ipchains status
> ipchains: Incompatible with this kernel
> 
> I'm assuming the above is my problem.  Now, what do I look for in my
kernel
> config to make sure I have everything setup correctly?  This is a custom
> 2.4.16 kernel with Win4Lin support and ext3 patch.
> 

IPChains was for the 2.2 kernel.  For the 2.4 kernel you really
should consider using iptables.  It will do everything ipchains
will, and it's easier to understand.  If you already have
a good ipchains setup, however, you can load the 'ipchains' module
which will allow you to use ipchains with the 2.4 kernel.

Tanner
-- 
Tanner Lovelace | lovelace at wayfarer.org | http://wtl.wayfarer.org/
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
GPG Fingerprint = A66C 8660 924F 5F8C 71DA  BDD0 CE09 4F8E DE76 39D4
GPG Key can be found at http://wtl.wayfarer.org/lovelace.gpg.asc
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
 Those who are willing to sacrifice essential liberties for a little 
 order, will lose both and deserve neither.  --  Benjamin Franklin 

 History teaches that grave threats to liberty often come in times
 of urgency, when constitutional rights seem too extravagant to 
 endure.  --  Justice Thurgood Marshall, 1989