On Thu, 11 Sep 2003 19:32:38 +0200 "Matthias F. Brandstetter" <[EMAIL PROTECTED]> wrote:
> ---------- quoting Collins Richey ---------- > > All I can add is ditto; Shorewall is great. I might add, I'm using > > it with the 2.6 kernels (now on -test5). It provides very > > meaningful log messages (/var/log/messages unless you alter your > > syslog setup). After my initial setup, I discovered that my > > default setup was rejecting samba traffic from my lan, and that was > > trivial to fix. > > Ahh, good point -- I did not try 2.6 kernel so far, and have a > question: Is (and if yes what) there something "new" (some changes) > in the netfilter implementation from 2.4 to 2.6? I mean, something > like ipchains --> iptables from 2.2 to 2.4, or can I still use my > firewall scripts with a 2.6 kernel? > I can't answer that. I've only done shorewall/firewall on 2.6. The only extra requirement that I found for shorewall is iproute-20010824-r4 (masked). The rest was like falling off a log. My generall impression is that the netfilter implementation changes are only those required by 2.6 architectural changes and more bugfixes. -- Collins Richey - Denver Area if you fill your heart with regrets of yesterday and the worries of tomorrow, you have no today to be thankful for. -- [EMAIL PROTECTED] mailing list
