Hi,
many thanks. Is version 4.3 based on the IPtables?....and you mean SuSE 7.1?
SuSEfirewall is solely based on ipchains (which also works with the 2.4 kernel). SuSEfirewall2 will solely be based on iptables (first alpha end of this week on my homepage [www.suse.de/~marc]
(As I understand then IPtables make an improvement in the "memory" when compared with the stateless IPchains. Is this a good reason for skipping IPchains and start IPtables.....?)
you have the option to keep track of connection states. this is an improvement, yes, however not a big one in my opinion
Is the any more description for v.2.6 to learn aboat the possibilities? Or should I dig into the script SuSEfirewall to discover the "variables"?
if you want to learn about tcp/ip kernel functions and weird for() loops for ipchain rules generation, go for it (/sbin/SuSEfirwall) :-) but susefirewall2 will be nicer :)
How does SuSE react to the emerging security issues, namely does there is a internal patch development, or do you rely on the public resources?
SuSE was the first linux vendor with an own security team for auditing and research, and still has got the biggest team. Greets, Marc -- Marc Heuse, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: marc@suse.de Function: Security Research and Advisory PGP: "lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka" Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C Private: http://www.suse.de/~marc SuSE: http://www.suse.de/security