Re: Red Hat Firewall vs ipchains

From: NeoSadist (
Date: 12/27/03

    Date: Sat, 27 Dec 2003 00:24:15 -0700

    Allan wrote:

    > Just a newbie trying to build a linux firewall box...
    > Can someone give me the 30,000 foot view of firewalls - specifically:
    > I am installing the smaller (footprint) Red Hat 7.3 for a firewall box. I
    > was going to run ipchains, and during the install, I am reminded of the
    > default installation firewall that Red Hat includes...
    > What can I do with this default installation firewall?

    What do you want to do with it? (Remember, however, that a firewall is mainly
    a security device, and isn't really meant to directly protect you from viruses,
    trojans, or spam. However, it can help with those, although its main
    function is as a security device.)

    > Can I use it with a
    > multi-homed configuration at the gateway to a small network?

    Yes, but I would recommend something other than Red Hat for that, like one of
    those distros that are meant specifically for that use. However, you can
    use Red Hat for a gateway if you like...

    > Should I just
    > select "no firewall" and then install ipchains?

    IPChains should already be installed. I do recommend not using the
    graphical firewall config. If you can, uninstall that program, but keep
    ipchains, and from there learn how to use IPChains. There are good
    articles about using IPChains to do this.
    One other thing, however: IPChains is older. I'd recommend downloading
    kernel 2.4.23 and IPTables, which is better and more robust. I've never
    used ipchains for a gateway/router box, but I've been told that it's better
    to use iptables for that use.

    > (Further, is there a whopping difference between ipchains and iptables?)

    Uh, I don't know ipchains, so you'd have to go to to ask
    them (they have several articles and HOWTOs that will explain).

    > I am using Linux Firewalls by Robert L. Zeigler as my reference on this
    > project.

    ? You mean, his configuration of iptables, or his firewall software?

    > Thanks in advance.
    > ===========================
    > Allan
    > Alberta Canada

    Pardo's First Postulate:
            Anything good in life is either illegal, immoral, or
    Arnold's Addendum:
            Everything else causes cancer in rats.

