Yo, On 28-Jan-02 Hirsch Wolfgang wrote:

Hi all, which kernel-version should I take for my firewall box?

Conservatively spoken, I would recommend the latest 2.2 kernel and a decent ipchains firewalling setup, on a striped-down firewall host with a monolithic (i. e. non-modular) kernel and only the necessary software packages installed. This would result in a sturdy firewall host, with a set of well-known, very stable and security-tested apps and tools. However, the 2.4 kernels and the new firewalling user-space tool iptables are more flexible and support setting up more complex security scenarios, which may be important for you if you plan to extend your network(s) in the near future. You should take a look at ipchains' and iptables' features and the implementation of the two programs into their respective kernel trees (2.2. and 2.4.) before making your final decision.

greetings Wolfgang

Boris Lorenz ---