[EMAIL PROTECTED] wrote:
>is anybody already deploying their firewalls based on netfilter/iptables?
>anyone planning to migrate from ipchains to netfilter?
>
>any compelling reasons to do so, aside from stateful inspection?
>any compelling reason NOT to do so?
If you're using a 2.4 kernel you're pretty much forced to migrate to iptables simply
because ipchains performance is really bad.
I upgraded a gateway/firewall machine to RH7.1 and the 2.4 kernel. It uses ipchains by
default. I immediately recieved complaints that network performance (as perceived by
users behind the firewall) deteriorated considerably. Migrating the firewall to
iptables fixed the performance problems.
>anyone want to share their horror stories on this?
JR
__________________________________
www.edsamail.com
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
