>As of 2.1.106.. IPFWADM no longer works. It has been
>replaced by IPCHAINS that does everything that IPFWADM
>does but also does Quality of Service too.
>
>Would you consider any of the 2.1 kernels stable enough for
>a full blown firewall implementation? If so, which one?
Judging from all the reports I've been getting.. Yes.
The 2.1.x kernels have faster networking code that the 2.0.x
kernels and MASQ is built-in but there are two new spins to
it:
- IPFWADM is dead and you much impliment IPCHAINS.
Evidently, the IPCHAINS HOWTO is very good and
migration isn't too bad.
- IPCHAINS does NOT allow for adjustable MASQ
timeouts. To change these, you need to run
IPMASQADM available at:
http://juanjox.home.ml.org
Beyond that.. thats all I know. I've also heard that
both the MASQ Dotfile generator and Mason are going to
be updated to do IPCHAINS rulesets but they aren't
done yet.
--David
.----------------------------------------------------------------------------.
| David A. Ranch - Remote Access/Linux/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
