Firewall Wizards mailing list archives
Re: ipfwadm X ipchains
From: William Stearns <wstearns () pobox com>
Date: Mon, 20 Sep 1999 23:08:50 -0400 (EDT)
On 20 Sep 1999 dwelch () phoneboy com wrote:
On Sun, 19 September 1999, William Stearns wrote:The 2.4.x kernel series, hopefully coming out in December, will support iptables. iptables has backwards compatibility modules for running either ipfwadm or ipchains firewalls. The native implementation is extensible; anyone can create new loadable modules that provide either new matching fields or new actions when a packet matches. For example, there's a module that allows matches on the source mac address.I'd like to see: 1. Stateful packet filtering for non-MASQed stuff.
Brian Murrell is working on SPF, but I don't know the state of that project. Brian?
2. The ability to log somewhere other than /var/log/messages
The log module in iptables allows you to set the logging level so syslogd can direct the packets to any file you'd like. It also has the ability to include an additional user defined field for identification while processing the logs.
But that's just me. Does the 2.4.x kernels have that functionality?
The logging functionality is available right now for testing in the 2.3.x kernel series, with the standard reminder that the odd second digit denotes a kernel series under active development that is not recommended for production servers. See the FAQ at http://www.tux.org/lkml/
Sounds like, if nothing else, it could be coded so it does.
Rusty would certainly like testers, coders, idea people for continued development. Any interest? http://www.samba.org/netfilter/ Cheers, - Bill --------------------------------------------------------------------------- Q: Will the tcp/ethernet SMP scaling changes be back-ported to 2.2.x? Mingo: yes, all SMP changes in 2.3 will be backported to 2.2 in the next few months, but to not confuse it with 2.2 it will be named '2.4' ;) -- Ingo Molnar <mingo () chiara csoma elte hu> -------------------------------------------------------------------------- William Stearns (wstearns () pobox com). Mason, Buildkernel, named2hosts, and ipfwadm2ipchains are at: http://www.pobox.com/~wstearns/ --------------------------------------------------------------------------
Current thread:
- ipfwadm X ipchains fgb (Sep 14)
- Re: ipfwadm X ipchains Jan van Rensburg (Sep 18)
- Re: ipfwadm X ipchains Siglite (Sep 21)
- Re: ipfwadm X ipchains Danny Rathjens (Sep 18)
- Re: ipfwadm X ipchains altellez (Sep 21)
- <Possible follow-ups>
- Re: ipfwadm X ipchains dwelch (Sep 18)
- Re: ipfwadm X ipchains William Stearns (Sep 19)
- Re: ipfwadm X ipchains dwelch (Sep 21)
- Re: ipfwadm X ipchains William Stearns (Sep 21)
- Re: ipfwadm X ipchains Jan van Rensburg (Sep 18)