Hi On Wed, Dec 20, 2000 at 09:08:14AM -0500, S . Salman Ahmed wrote: [snip] > How is compiling in support for the natfilter components hard ?
Well, I suppose you should just read the help for all the options. I would have said it was hard, really. (Then again, I've compiled netfilter into kernels before, but never actually used it yet :) > A question about terminology, is netfilter == iptables ? As far as I know, netfilter is the generic infrastructure in the kernel that supports things like packet filtering, packet mangling etc. iptables is built on top of net filter to provide packet filtering/mangling for IP. netfilter is not restricted to IP. Just by the way, there is support in netfilter for ipchains and ipfwadm backward compatibility modules. i.e. if you want to upgrade to 2.4, but you don't want to figure out iptables at the same time, you could use the ipchains module and stick with your ipchains rules. Of course, ipfilter gives you more flexibility, so you probably want to switch over to it at some point anyway, so if you don't mind learning it now, that's probably the way to go. -- Michael Wood | Tel: +27 21 762 0276 | http://www.kingsley.co.za/ [EMAIL PROTECTED] | Fax: +27 21 761 9930 | Kingsley Technologies
