thanks to all who responded to my recent post, Now I want to ask if portsentry is currently compatible with iptables? if it isn't and my system currently runs on iptables will the 2.4.x kernel support both ipchains and iptables at the same time? chris __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/
On Friday 03 August 2001 06:42, you wrote:
thanks to all who responded to my recent post,
Now I want to ask if portsentry is currently compatible with iptables? if it isn't and my system currently runs on iptables will the 2.4.x kernel support both ipchains and iptables at the same time?
chris
__________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/
Hello Chris, Yes, the kernel 2.4.x supports both ipchains and iptables.i don´t know if it is compatible with iptables i run portsentry with ipchains and kernel2.4.6 and 2.4.0. greets Andre
Hello Chris, Yes, the kernel 2.4.x supports both ipchains and iptables.i don�t know if it is compatible with iptables i run portsentry with ipchains and kernel2.4.6 and 2.4.0. greets Andre
Hi Andre! But can it both run the iptables and ipchains support at the same time? when I choose support ipchains in the kernel config menu, the iptables selection was gone and vice versa, or was it just me? chris __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/
But can it both run the iptables and ipchains support at the same time? No, it can't. when I choose support ipchains in the kernel config menu, the iptables selection was gone and vice versa, or was it just me? That's true.
I wouldn't run a 2.4.x kernel without special knowledge about iptables or dependency on other products which require ipchains (because ip_masq_ftp.o doesn't work anymore, for example). Just run 2.2.19, it is safe and stable. Of course this only applies to networked computers, at home behind the firewall you can try what you want ;-) Markus -- _____________________________ /"\ Markus Gaugusch ICQ 11374583 \ / ASCII Ribbon Campaign markus@gaugusch.dhs.org X Against HTML Mail / \
when I choose support ipchains in the kernel config menu, the iptables selection was gone and vice versa, or was it just me? That's true. I wouldn't run a 2.4.x kernel without special knowledge about iptables
Thanks for the enlightenment Mark, now to follow up, the SuSEfirewall package will support iptables and ipchains depending on which of the two you enabled for for your kernel on SuSE 7.1 + right? thanks again, chris __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/
Thanks for the enlightenment Mark, now to follow up, the SuSEfirewall package will support iptables and ipchains depending on which of the two you enabled for for your kernel on SuSE 7.1 + right? No, SuSEfirewall is for ipchains and SuSEfirewall2 (note the 2 at the end :) is for iptables. But I never used SuSEfirewall and always wrote my own scripts.
Markus -- _____________________________ /"\ Markus Gaugusch ICQ 11374583 \ / ASCII Ribbon Campaign markus@gaugusch.dhs.org X Against HTML Mail / \
Hi! Portsentry can also be configured to block the attakers ip via dropping the route by using the route-command (pe. route add -host w.x.y.z reject)! Greetings, Boris. -----Ursprungliche Nachricht----- Von: telco soltn [mailto:dc_telco@yahoo.com] Gesendet: Freitag, 3. August 2001 06:43 An: suse-security@suse.de Betreff: [suse-security] portsentry thanks to all who responded to my recent post, Now I want to ask if portsentry is currently compatible with iptables? if it isn't and my system currently runs on iptables will the 2.4.x kernel support both ipchains and iptables at the same time? chris __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
You can also modify portsentry.conf before compiling, adding this: KILL_ROUTE="/usr/sbin/iptables -I INPUT -s $TARGET$ -j REJECT" and commenting out any others. -- Glen On Fri, Aug 03, 2001 at 09:54:41AM +0200, Boris Kantwerk wrote:
Hi!
Portsentry can also be configured to block the attakers ip via dropping the route by using the route-command (pe. route add -host w.x.y.z reject)!
Greetings, Boris.
-----Ursprungliche Nachricht----- Von: telco soltn [mailto:dc_telco@yahoo.com] Gesendet: Freitag, 3. August 2001 06:43 An: suse-security@suse.de Betreff: [suse-security] portsentry
thanks to all who responded to my recent post,
Now I want to ask if portsentry is currently compatible with iptables? if it isn't and my system currently runs on iptables will the 2.4.x kernel support both ipchains and iptables at the same time?
chris
__________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
participants (5)
-
Andre Pfeiler
-
Boris Kantwerk
-
Glen Embertson
-
Markus Gaugusch
-
telco soltn