Quoting Georges Toth <[EMAIL PROTECTED]>:
>
> i tried to disable ipchains so that i can use iptables.
> but it didn't work ;(
> so i've uninstalled iptables and everything is up again.
>
>
> i would really try a newer kernel (currently using 2.4.0),
> but i can't risk that the server doesn't boot after the restart ;)
>
It's really a snap :) The only thing required is that you must be in front of
the actual machine when it boots, if you do it the safe way... which is to have
multiple kernels...
In so far as disabling ipchains, this is done in /etc/sysconfig If you
installed "with" firewall, you will find here a script called ipchains. This is
called by the ipchains init script in /etc/rc.d/init.d/ If there is no ipchains
script in /etc/sysconfig, then ipchains will not be loaded :) Similarly, if
there is an iptables script, iptables will be loaded.
The beauty of compiling directly into the kernel is the feature is always
there... while this does require more memory to load the kernel, this shouldn't
be a problem on this type of box, as you shouldn't be loading all kinds of
multimedia stuff. This is why a custom tuned kernel can actually run faster.
Once you look at all the "goodies" you can compile in... you can actually get
kind of "happy" with it all.
>
>
>
>
> regards,
> Georges Toth
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Barbara A.
> > Severance
> > Sent: Mittwoch, 4. Juli 2001 16:39
> > To: [EMAIL PROTECTED]
> > Subject: Re: iptables -- ipchains
> >
> >
> > Quoting Damion Parry <[EMAIL PROTECTED]>:
> >
> > > Sorry, I just had another look at this, and if you are running on a
> RH
> > > 7.1, ipchains is turned on as default, and the iptables executable
> is
> > > present, and so you get a lot of errors from iptables because it
> can't
> > > compete with ipchains. You need to turn off ipchains, and turn on
> > > iptables.
> > This is true only if you install firewalling... I suggest saying
> > no at this
> > point in the install...
> >
> > >
> > > iptables has a fair few advantages over ipchains, the main being
> the
> > > easier configuration: with ipchains you have to run each of you're
> > > webservers on a different port (ie: vsone on 8081, vstwo on 8082),
> > > whereas with iptables, they can all run on 8080.
> >
> > IPTables has GREAT advantages over IPChains....
> >
> > A suggestion for those who are using 7.1 Get the 2.4.5 kernel source
> from
> > kernel.org, and then go to netfilter.samba.org and get the latest
> > netfilter
> > (iptables) sources. I actually got the CVS, as there is a newer patch
> in
> > there... recompile your kernel, enabling iptables in the kernel,
> > and not as a
> > loadable module. Then you will have iptables available as soon as
> > the kernel
> > loads, and will eliminate errors. In addition, this kernel is really
> fast!
> > >
> > > Apologies,
> > > Damion.
> > >
> > > Georges Toth wrote:
> > > >
> > > > hi,
> > > >
> > > > freevsd-1.4.9-rh7 seems to try, to insmod iptables.
> > > > i havn't currently installed a kernel with iptables support.
> > > > is there a way to have the 1.4.9-rh7 version running with ipchains
> ?
> > > >
> > > > thnx
> > > >
> > > > regards,
> > > > Georges Toth
> > > > ------------------------- The freeVSD Support List
> > > --------------------------
> > > > Subscribe:
> > > mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support
> > > > Unsubscribe:
> > > mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support
> > > > Archives:
> > > http://freevsd.org/support/mail-archives/freevsd-support
> > > >
> > >
> > ------------------------------------------------------------------
> > -----------
> > > ------------------------- The freeVSD Support List
> > > --------------------------
> > > Subscribe:
> > > mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support
> > > Unsubscribe:
> > > mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support
> > > Archives:
> http://freevsd.org/support/mail-archives/freevsd-support
> > >
> > ------------------------------------------------------------------
> > -----------
> > >
> >
> >
> >
> > Barbara A. Severance
> > The Digital Horseman
> > http://www.digihorse.com
> > ------------------------- The freeVSD Support List
> > --------------------------
> > Subscribe:
> mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support
> > Unsubscribe:
> > mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support
> > Archives:
> http://freevsd.org/support/mail-archives/freevsd-support
> > ------------------------------------------------------------------
> > -----------
> >
> >
>
> ------------------------- The freeVSD Support List
> --------------------------
> Subscribe:
> mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support
> Unsubscribe:
> mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support
> Archives: http://freevsd.org/support/mail-archives/freevsd-support
> -----------------------------------------------------------------------------
>
Barbara A. Severance
The Digital Horseman
http://www.digihorse.com
------------------------- The freeVSD Support List --------------------------
Subscribe: mailto:[EMAIL PROTECTED]?body=subscribe%20freevsd-support
Unsubscribe: mailto:[EMAIL PROTECTED]?body=unsubscribe%20freevsd-support
Archives: http://freevsd.org/support/mail-archives/freevsd-support
-----------------------------------------------------------------------------
