Rick,
I don't know IP Chains or Netfilter into details but I know
Netfilter supports "statefull inspection" (and probably some other
thingies).
I use OpenBSD with it's IP Filter and that uses "statefull inspection"
too. So I would prefer to go for Netfilter because of this feature, it
adds a great deal of protection and configuration possibilities.
For more info about netfilter view these links:
http://netfilter.kernelnotes.org/
http://www.securityportal.com/cover/coverstory20010122.html
http://www.securityportal.com/articles/netfilter20010219.html
Here is more information about netfilter in little comparisson to
IP Chains.
Hope this helps,
Brenno
> -----Original Message-----
> From: Rick Lim [SMTP:[EMAIL PROTECTED]]
> Sent: zaterdag 31 maart 2001 9:08
> To: firewalls@Lists. GNAC. NET
> Subject: Linux firewall
>
> Hi there,
> For a linux box, which is better as a firewall, and why
>
> 1)IPCHAINS
>
> 2)NETFILTER
>
> Thanks
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
