> -----Original Message-----
> From: plug-discuss-admin@lists.plug.phoenix.az.us
> [mailto:plug-discuss-admin@lists.plug.phoenix.az.us]On Behalf Of
> der.hans
> Sent: Friday, May 25, 2001 9:03 AM
> To: plug-discuss@lists.plug.phoenix.az.us
> Subject: Re: Kernel 2.4 Q's
>
>
> Am 25. May, 2001 schwäzte Craig White so:
>
> > thus I turned to ipchains and downloaded ipmasqadm. This must
> be compiled
> > into kernel to make it's magic. I never compiled kernel before
> so learning
> > curve was steep. I could never compile a kernel that could run
> > ipchains...everytime I booted a new kernel and attempted to set
> an ipchains
> > ruleset, I would get the message "ipchains not supported in
> this kernel".
>
> You've not enabled whatever goo ipchains wants.
------
Understood but in make menuconfig - it's not intrinsically obvious which
switch controls ipchains - except that if you enable one of the aspects of
netfilter, it denies all availability to use ipchains.
------
>
> I forget what all you want, but it should be listed in Rusty's guide.
>
> > Kernel sources were the RedHat 7.1 from the CD (mistake?).
>
> If you're running 7.1 you should be able to use either ipchains
> or iptables
> out of the box.
>
> > Many more questions on compiling kernel tomorrow but for now...
> >
> > Is it possible to compile kernel (2.4.x) and still use ipchains?
>
> Yup, default install of RedHat 7.1 uses 2.4.x and ipchains.
------
I see that but could never compile a kernel that could do that.
------
>
> > Does anyone know of THOROUGH rulesets for iptables/netfilter?
>
> I haven't tried either of them yet, but I see ferm and knetfilter
> in debian
> unstable. knetfilter says it's a GUI.
>
> > Does anyone know of utility to translate ipchains rulesets to
> > iptables/netfilter (I am understanding that port forwarding is part and
> > parcel of iptables.
>
> I think netfilter, aka iptables, understands ipchains commands.
>
> Maybe we can get Nick to respond. He knows better than I :).
>
--------
looked at ferm - you still need some familiarity with iptables. didn't see
knetfilter unless that is the thing that Redhat uses and obviously on
firewall, I didn't deploy any X-stuff at all.

I'll end up writing a note to Rusty & David about some of this but I was
hoping that someone on this list had already walked this path.

I have many more questions about kernel compiling but have to get ready for
work so they will come over the weekend.

Thanks,

Craig