Linux Security HOWTO
: Network Security
: IP Chains - Linux Kernel 2.2.x Firewalling
Previous: Firewalls
Next: VPN's - Virtual Private Networks
8.11. IP Chains - Linux Kernel 2.2.x Firewalling
Linux IP Firewalling Chains is an update to the 2.0 Linux firewalling
code for the 2.2 kernel. It has a great deal more features than
previous implementations, including:
- More flexible packet manipulations
- More complex accounting
- Simple policy changes possible atomically
- Fragments can be explicitly blocked, denied, etc.
- Logs suspicious packets.
- Can handle protocols other than ICMP/TCP/UDP.
If you are currently using ipfwadm on your 2.0 kernel, there are scripts
available to convert the ipfwadm command format to the format ipchains uses.
Be sure to read the IP Chains HOWTO for further information. It is
avilable at http://www.rustcorp.com/linux/ipchains/HOWTO.html
Linux Security HOWTO
: Network Security
: IP Chains - Linux Kernel 2.2.x Firewalling
Previous: Firewalls
Next: VPN's - Virtual Private Networks