On Sun, Oct 24, 2004 at 11:14:48PM -0700, michal wrote:
> What's the difference between firewall and TCP wrapper?

A firewall is a somewhat general term, and one could argue that tcpwrappers are a form of firewall.

> If I have
> installed iptables should I also install tcp wrapper? What advantages
> will I have after installing tcp wrapper?

They work on different levels. tcpwrappers run in user mode, and generally accept the connection, obtain the remote client info (IP address/port), perform DNS lookup if necessary, and then, basing its decision on the /etc/hosts.* files, either let the service in question run, or reject the connection.

Netfilter (which is the firewalling part of iptables) works in kernel mode, and deals with individual packets (although the state automaton allows one to treat established connections differently). Except that it works with numeric addresses only (cannot perform DNS lookups after having been set up), it is a more general mechanism than tcpwrappers, since it can deal with protocols other than TCP and UDP (does tcpwrappers support UDP at all?).

Generally tcpwrappers is simpler to set up, provided that the service can be launched from inetd or is linked with tcpwrappers. However, it has higher overhead, and therefore may underperform in case of a heavy DoS attack.

regards,
Marcin
-- 
Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/
GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
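
The user-mode decision described in the reply above, as an added example that is not part of the original message and is not tcpwrappers' own code. It models the hosts.allow / hosts.deny lookup order from hosts_access(5) for a simplified, IPv4-only subset of the pattern syntax; the function names and the sample rule files are constructed for illustration.

```python
import ipaddress

# Constructed sample rule files (not taken from any real host).
HOSTS_ALLOW = """# constructed sample
sshd: 192.168.1. .example.org
in.ftpd: 10.0.0.0/255.0.0.0
"""
HOSTS_DENY = "ALL: ALL\n"

def _client_matches(pattern, ip, host):
    """Match one client pattern against the peer address / resolved name."""
    if pattern == "ALL":
        return True
    if pattern.startswith("."):        # hostname suffix; needs a DNS lookup
        return host is not None and host.endswith(pattern)
    if pattern.endswith("."):          # address prefix, e.g. 192.168.1.
        return ip.startswith(pattern)
    if "/" in pattern:                 # net/mask, e.g. 10.0.0.0/255.0.0.0
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(ip) in net
    return pattern in (ip, host)       # exact address or hostname

def _rule_matches(line, daemon, ip, host):
    """True if a 'daemon_list : client_list' line covers this connection."""
    line = line.strip()
    if line.startswith("#") or ":" not in line:
        return False
    # Any third field (options / shell command) is ignored in this subset.
    daemons, clients = (f.replace(",", " ").split()
                        for f in line.split(":")[:2])
    return (any(d in ("ALL", daemon) for d in daemons)
            and any(_client_matches(c, ip, host) for c in clients))

def access_allowed(hosts_allow, hosts_deny, daemon, ip, host=None):
    """Lookup order: allow file first, then deny file, otherwise grant."""
    if any(_rule_matches(l, daemon, ip, host)
           for l in hosts_allow.splitlines()):
        return True
    if any(_rule_matches(l, daemon, ip, host)
           for l in hosts_deny.splitlines()):
        return False
    return True                        # no match in either file: granted

if __name__ == "__main__":
    for d, ip, h in [("sshd", "192.168.1.20", None),
                     ("sshd", "203.0.113.5", None),
                     ("sshd", "203.0.113.5", "gw.example.org")]:
        print(d, ip, h, access_allowed(HOSTS_ALLOW, HOSTS_DENY, d, ip, h))
```

The third case is granted only because of the resolved hostname, which is the DNS dependency the reply contrasts with netfilter's numeric-only matching.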

