I suppose that some Linux GUI firewalling tools out there might try to do some funky things such as loading RPMs for ipchains. Unfortunately, since I have found most GUI tools to be mostly just a layer on top of the ipchains/iptables commands, they mostly seemed like a waste of time compared to just twiddling with a script which I can review and quickly change when needed.
I'm not sure that it is too big of a deal to have both the iptables and ipchains RPMs installed. iptables won't run on 2.2.x kernels, but ipchains will run on 2.4.x kernels (iptables is superior however). On Mandrake they are loaded as kernel modules, and you can run only one or the other. If you try to load both of them, the kernel module loader (insmod and modprobe) will issue an error. Also, if you have the ipchains module loaded, use of the iptables command will result in errors. If you are in doubt as to which module you have loaded, try running 'lsmod' as root on the command line and look for 'ip_tables'. I'm not sure why Mandrake's tools would require ipchains for their functionality, unless they think you are using the 2.2.x kernel. Perhaps someone else has some ideas on that one. Rob Lyvim Xaphir wrote: >Thanks, Rob! That looks exactly like what I was looking for; I can't >wait to start experimenting. I've got a question, tho....have you >encountered a situation yet where a GUI config app thought it required >ipchains for something, and it tried to install ipchains rpms even >though iptables was there and fully functional? Are there "bad things" >that happen when this occurs? > >It's happened here, but things still work. I've been of a mind to rid >the system of all ipchains rpm debris and rely totally on the very >capable iptables system, but there do seem to be certain parts of >Mandrake control center that think they need ipchains. I'm curious as >to the "official" way to handle this; otherwise it looks like a choice >between the GUI and the command line; i.e., manual /etc/rc.d/rc.firewall >editing vs MCC, but not both. (?) >
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
