ipchains have been superseded by iptables. Unless you have a complex script that uses ipchains already, you're best starting your education with iptables. I suspect that the new kernel 2.6/3.0 won't have ipchains supported anylonger. They're already backgrounded in favour of iptables in 2.4.X
That said, I've found this page to be very, very useful for setting the various firewall rules that I've needed: http://www.extra300.nl/rc.firewall.txt Ian ------------ Dr Ian Firla Robert Graves Trust | "A partial count of the software available St John's College, Oxford | in just one noncommerical Linux system OX1 3JP - +44-(0)7855-310565 | would have cost about $1.9 billion to develop http://www.robertgraves.org | ... the way Microsoft does it" Bruce Perens On Mon, 25 Nov 2002, Jason Dale wrote: > Hi Jim , > > I would like to start getting into the configuration of firewalls using > programs > like ipchains , rather than relying on the firewall setup program that runs > while installing the system. > > Besides the man pages and usual documentation , are there any great > tutorials out there that you know of that cover programs like ipchains ? > > Thanks in advance , > > Jason > > ----- Original Message ----- > From: "James P. Roberts" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Sunday, November 24, 2002 5:39 AM > Subject: Re: firewall > > > > > I have activated the firewall for my machine through > > > setup->firewall configuration menu. Now, I know it's working > > > because I did a probe on may machine a www.grc.com before and > > > after enabling the firewall, before the activation of the > > > firewall some ports were just "closed" now all the tested ports > > > were "stealth", so the firewall works. > > > > > > My problem is that scanning attempts don't seem to be logged. > > > Were are these scans logged by the firewall and what should I do > > > (if anything) to start logging them ? > > > > > > And another question, does the forewall setup tool from rh 7.1 > > > use iptables or ipchains ? > > > > > > > ipchains. > > > > Personally, I find iptables to be superior, so I build my own firewall > > with iptables, and do not depend on the RH 7.1 installation method. > > > > Portsentry is supposed to do a nice job of logging scan attempts. > > > > Jim > > > > > > > > _______________________________________________ > > Seawolf-list mailing list > > [EMAIL PROTECTED] > > https://listman.redhat.com/mailman/listinfo/seawolf-list > > > > _______________________________________________ > Seawolf-list mailing list > [EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/seawolf-list > _______________________________________________ Seawolf-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/seawolf-list
