Yes, iptables is way more versatile than ipchains, and ipchains is no longer supported in the redhat kernel by default.
As far as i know, with iptables you can filter packets based on IP flag combination (a great feature), can limit the amount of packets received to prevent log file flooding (another great feature) etc. I recommend using IPTables.org firewall, it's a great iptables based firewall, it's modular and well supported, even more, the writer gives a less-than-a-minute support on most cases. You will see all the GIPTables features when you read the config file. Regards Jose Maria = = = Original message = = = You need to use iptables. On Wed, 17 Sep 2003, Reuben D. Budiardja wrote: > > Hello, > I am trying to run some ipchains command for NAT-ing with RH 9, which acts as > a master node for a beowulf cluster. > > When running ipchainsI got the message "Protocol not available". This led me > to thinking (and after some googling) that probably the correct kernel module > is not loaded. When try to load the module ipchains, I got the error below. > > My question, is RH 9 stock kernel still support ipchains? > > I know it's old and probably iptables is better, but the ipchains script is a > legacy code that I thought I just use it for now, to make things work, and > probably convert it to use iptables with shorewall as firewall or something > like that. > > The result of lsmod also included. Any help is greatly appreciated. > > Thanks > Reuben D. Budiardja > ------------------- > > [EMAIL PROTECTED] kernel]# insmod ipchains > Using /lib/modules/2.4.20-8/kernel/net/ipv4/netfilter/ipchains.o > /lib/modules/2.4.20-8/kernel/net/ipv4/netfilter/ipchains.o: init_module: > Device or resource busy > Hint: insmod errors can be caused by incorrect module parameters, including > invalid IO or IRQ parameters. > You may find more information in syslog or the output from dmesg > > [EMAIL PROTECTED] kernel]# lsmod > Module Size Used by Not tainted > udf 98400 0 (autoclean) > nls_iso8859-1 3516 0 (autoclean) > nls_cp437 5116 0 (autoclean) > msdos 8140 0 (autoclean) > fat 38808 0 (autoclean) [msdos] > loop 12152 0 (autoclean) > nfsd 80176 8 (autoclean) > lockd 58704 1 (autoclean) [nfsd] > sunrpc 81564 1 (autoclean) [nfsd lockd] > iptable_filter 2412 0 (autoclean) (unused) > ip_tables 15096 1 [iptable_filter] > ide-cd 35708 0 (autoclean) > cdrom 33728 0 (autoclean) [ide-cd] > i810_audio 27720 0 > soundcore 6404 2 [i810_audio] > ac97_codec 13640 0 [i810_audio] > r128 88312 1 > agpgart 47776 3 > parport_pc 19076 1 (autoclean) > lp 8996 0 (autoclean) > parport 37056 1 (autoclean) [parport_pc lp] > autofs 13268 0 (autoclean) (unused) > 3c59x 30704 1 > ne2k-pci 7232 1 > 8390 8508 0 [ne2k-pci] > keybdev 2944 0 (unused) > mousedev 5492 0 > hid 22148 0 (unused) > input 5856 0 [keybdev mousedev hid] > usb-uhci 26348 0 (unused) > usbcore 78784 1 [hid usb-uhci] > ext3 70784 1 > jbd 51892 1 [ext3] > > -- Mike Burger http://www.bubbanfriends.org Visit the Dog Pound II BBS telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000 To be notified of updates to the web site, send a message to: [EMAIL PROTECTED] with a message of: subscribe -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list ___________________________________________________________ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
