Re: IPChains and IPtables

From: David Efflandt (
Date: 06/03/05

Date: Fri, 3 Jun 2005 18:07:08 +0000 (UTC)

On Fri, 03 Jun 2005 16:54:29 +0200, justme <> wrote:
> HI,
> I am new to IPChains and IPtables
> I have installed Debian woody but did upgrates and DIST upgrades
> I don't know if it can change the IPCHAINS to something else?
> But I still have the Kernel 2.2.20-idepci
> I am totaly new to Firewalls and I am learnig with the IPCHAINS HOWTO
> and when I try this (just for learning)
> ipchains -A input -s -p icmp -j DENY
> I get this answer:
> ipchains: Protocol not available

Newer kernels support iptables, instead of older ipchains (which was less
capable). Some still also support ipchains, but not simultaniously. If
any iptables modules are loaded, ipchains will not work. So even if your
kernel has iptables support (which it might not), you might at least need
to unload any iptables related modules before using ipchains.

/sbin/lsmod can tell you which modules are loaded.

Your system likely has iptables support, so it would be better to
learn that (very similar, but there are changes and additions).

Relevant Pages

  • [kde-linux] Re: Alternative to Guarddog
    ... guarddog used ipchains to run iptables or some such scheme. ... Are you sure it was with kernel 3.0? ... I run git kernels and followed the 3.x development process a bit ...
  • Re: Ipchains for Redhat 8.0 ?
    ... > existing script I found on the 'net which uses the "ipchains" command. ... It means the ipchains code is not available in the kerne. ... statically in the kernel, ... compiled both as modules and by default load iptables. ...
  • Re: Prevent access to linux server when mac adress does not match ip adress
    ... Iptables has much more features than ipchain. ... Prior to the 2.2.x kernel, the firewall was controlled by "ipfwadm". ... introduced the IPCHAINS tool to control that. ... Often the upgrade is too big and bulky for the older ...
  • Re: Portforwarding with ipchains on 2.4 kernel
    ... > firewall using ipchains. ... Yes, iptables is preferred, but... ... it seems I do not have ipmasqadm on the system. ... > missing something in the kernel setup, ...
  • Re: IPChains with RH 9? "Protocol not available"
    ... Yes, iptables is way more versatile than ipchains, and ipchains ... is no longer supported in the redhat kernel by default. ... is RH 9 stock kernel still support ipchains? ...