After days of reading up on new versions of ipac/ipchains/iptables and searching through the list archive I could use some advice please.
I recently took the leap to kernel 2.4 with a Redhat 7.1 upgrade and even though the ipac doco claims that it will work with the 2.4 kernel and ipchains, I think what they really mean is that it will work with 2.2 and ipchains OR 2.4 and iptables. I'm not ready to make the jump to iptables yet as I have several things dependent on ipchains. So this leaves me with the issue of how to get my per host bandwidth monitoring back on track. ipac-ng works fine in this configuration (ipac-ng-1.11/kernel 2.4.4-12/ipchains1.10) if I don't have any packet rules in place but once i fire up my packet firewall rules it stops monitoring any traffic. Obviously this is not an option. So, if anyone has managed to get ipac working in this configuration I would appreciate you adivice. I'm also willing to move away from ipac to another package. I have a major search of freshmeat and really couldn't find anything that did per host summaries and graphing like ipac does. mrtg seems like the go but it's not clear to me if it can do the simple per host type graphing I'm looking for. It appears to be for snmp managed type devices??? On a separate matter, can someone tell me how RedHat 7.1 determines if it is going to load the ipchains or iptables kernel module? I've checked all the usual suspects like modules.conf and the startup scripts but I'm very confused (nothing new here). I have two systems that I thought were fairly close in configuration. One upgraded and kept the ipchains module loaded (although I can't see how) and the other decided to use iptables when it was upgraded. On the latter, I removed the iptables rpm to try and get rid of it but now I'm having to load the ipchains module with insmod with the firewall script. Surely there is a way to automate this on startup when all the other modules are loaded? ipchains is in the module directory so I don't understand why it doesn't load. And yes, I did every "man" I could think of and RTFMed until I was truly "F"ed. And googled etc etc. Cheers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Darrell Burkey @ Home Canberra, ACT -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
