Linux IP Firewalling Chains 1.3.10 review
DownloadLinux IP Firewalling Chains is an update to the 2.0 Linux Firewalling code, for the 2.2 Linux kernel
|
|
Linux IP Firewalling Chains is an update to the 2.0 Linux Firewalling code, for the 2.2 Linux kernel. It is required to administer the IP packet filters in Linux kernel versions 2.1.102 and above. The older Linux firewalling code doesn't deal with fragments, has 32-bit counters (on Intel at least), doesn't allow specification of protocols other than TCP, UDP or ICMP, can't make large changes atomically, can't specify inverse rules, has some quirks, and can be tough to manage (making it prone to user error).
Currently the code is in the vanilla kernel sources from 2.1.102. For the 2.0 kernel series, you will need to download a kernel patch from the web page. If your 2.0 kernel is more recent than the supplied patch, the older patch should be OK; this part of the 2.0 kernels is fairly stable (eg. the 2.0.34 kernel patch works just fine on the 2.0.35 kernel). Since the 2.0 patch is incompatible with the ipportfw and ipautofw patches, I don't recommend applying it unless you really need some functionality that ipchains offers.
Linux IP Firewalling Chains 1.3.10 search tags