Hi folks I read that SuSEfirewall on SuSE 7.1 (Kernel 2.4.0 (Standard)) is not supported? Is there any script who supported iptables? Or I have to recompile the 2.4.0 Kernel with ipchains support? Thanks Benny
Hi folks
I read that SuSEfirewall on SuSE 7.1 (Kernel 2.4.0 (Standard)) is not supported? Is there any script who supported iptables? Or I have to recompile the 2.4.0 Kernel with ipchains support?
The SuSE kernel does have support for ipchains, and it is recommended to configure a kernel to have this backwards compatibility. A new version of the SuSEfirewall script that supports iptables is in the works, but since the old one works quite well, you can as well use this one.
Thanks
Benny
Thanks,
Roman.
--
- -
| Roman Drahtmüller
Or I have to recompile the 2.4.0 Kernel with ipchains support?
The SuSE kernel does have support for ipchains, and it is recommended to configure a kernel to have this backwards compatibility.
To clarify this, Kernel 2.4 has something called netfilter which actually does packet filtering. To actually use it, you have a choice of packages offering user space commands, which talk to netfilter via loadable modules : iptables - latest and greatest ipchains - 2.2 comp ipfwadm - 2.0 compat These modules cannot be run simulataneously however. If you compile them into a kernel, only one is selectable. So to use the connection tracking of iptables, scripts like SuSE Firewall have to be updated to run with iptables, there's no way of mixing and matching features. Hope this helps (PS. Linux Magazine had a good article on this recently) Regards Rob
participants (3)
-
Benjamin Grogg
-
Robert Davies
-
Roman Drahtmueller