On Tue, 18 Aug 2009 18:11:36 -0400 "Walter Dnes" <waltd...@waltdnes.org> wrote:
> IPCHAINS did the firewall job for me. Early versions of IPTABLES
> were OK too. But it eventually developed the Mozilla disease, and
> became a honking big routing/gatewaying/QOSing/singing/dancing
> monstrosity, of which I required only a small fraction of its
> "functionality". And I'm really confused as to which parts in
> netfilter/xtables/iptables I need to build into the kernel.

Hey, I too am a minimalist but I think you've got iptables misidentified. It has lots of features; that's not the same as saying it's bloated. More like the linux kernel (and in fact it _is_, as others have said, the linux kernel) - it supports a lot of different functionality. If you don't want a particular capability, disable it in the kernel.

If you want a quick firewall setup, use http://spore.ath.cx/~dan/doc/home-firewall.html. It's what I use and my step by step guide should save you a bit of effort.