Re: Red Hat Firewall vs ipchains

From: NeoSadist (neosad1st_at_charter.net)
Date: 12/27/03

  • Next message: Wolfgang Kueter: "Re: Red Hat Firewall vs ipchains" 
    Date: Sat, 27 Dec 2003 00:24:15 -0700

    Allan wrote:

    > Just a newbie trying to build a linux firewall box...
    >
    > Can someone give me the 30,000 foot view of firewalls - specifically:
    >
    > I am installing the smaller (footprint) Red Hat 7.3 for a firewall box. I
    > was going to run ipchains, and during the install, I am reminded of the
    > default installation firewall that Red Hat includes...
    >
    > What can I do with this default installation firewall?

    What do you want to do with it? (Remember however, a firewall is a security
    device mainly, and isn't really meant to directly protect you from viruses,
    trojans, or spam. However, it can help do those, although its main
    function is a security device).

    > Can I use it with a
    > multi-homed configuration at the gateway to a small network?

    Yes, but I would recommend something other than redhat for that, like one of
    those distros that is meant specifically for that use. However, you can
    use redhat for a gateway if you like...

    > Should I just
    > select "no firewall" and then install ipchains?

    IPChains should already be installed. I do recommend not using the
    graphical firewall config. If you can, uninstall that program, but keep
    ipchains, and from there learn how to use IPChains. There are good
    articles about using IPChains to do this.
    One other thing, however: IPChains is older. I'd recommend downloading
    kernel 2.4.23 and IPTables, which is better and more robust. I've never
    used ipchains for a gateway/router box, but i've been told that it's better
    to use iptables for that use.

    >
    > (Further, is there a whopping difference between ipchains and iptables?)

    Uh, I don't know ipchains, so you'd have to go to www.netfilter.org to ask
    them (they have several articles and howto's that will explain)

    > I am using Linux Firewalls by Robert L. Zeigler as my reference on this
    > project.

    ? You mean, his configuration of iptables, or his firewall software?

    >
    > Thanks in advance.
    > ===========================
    > Allan
    > Alberta Canada 

    -- 
Pardo's First Postulate:
        Anything good in life is either illegal, immoral, or
fattening.
Arnold's Addendum:
        Everything else causes cancer in rats.
  • Next message: Wolfgang Kueter: "Re: Red Hat Firewall vs ipchains"

    Relevant Pages

    • Re: Konvertierung ipchains -> iptables
      ... >> Firewall umsetzen muss, ist das leider nicht so einfach. ... > Die Kunden werden Dir kaum opaque ipchains-Zeilen geliefert haben, ... > iptables am besten stateful neu, wonach man schon mal halb so viele Regeln ... >> Die Umstellung von ipchains auf iptables hat rein technische Gruende. ...
      (de.comp.os.unix.networking.misc)
    • Re: Firewall software.
      ... Most modern Linux systems come with firewall installed with reasonable ... bridge or something that selectively lets packets through it. ... ipchains has been largely replaced by iptables. ...
      (comp.os.linux.networking)
    • Re: Firewall software.
      ... Most modern Linux systems come with firewall installed with reasonable ... bridge or something that selectively lets packets through it. ... ipchains has been largely replaced by iptables. ...
      (comp.os.linux.setup)
    • Re: Firewall software.
      ... Install a firewall. ... ipchains has been largely replaced by iptables. ... binary and name of the program along with the protocol and port allowed. ...
      (comp.os.linux.setup)
    • Re: iptables logging
      ... > I've just switched over to iptables from ipchains. ... > I got the new Linux firewall book by Ziegler. ... iptables uses the DROP target not DENY, and you cant have two targets ...
      (comp.os.linux.security)