Kernel 2.4 Q's
Craig White
Fri, 25 May 2001 10:11:45 -0700
> -----Original Message-----
> From:
> []On Behalf Of
> der.hans
> Sent: Friday, May 25, 2001 9:03 AM
> To:
> Subject: Re: Kernel 2.4 Q's
> Am 25. May, 2001 schwäzte Craig White so:
> > thus I turned to ipchains and downloaded ipmasqadm. This must
> be compiled
> > into kernel to make it's magic. I never compiled kernel before
> so learning
> > curve was steep. I could never compile a kernel that could run
> > ipchains...everytime I booted a new kernel and attempted to set
> an ipchains
> > ruleset, I would get the message "ipchains not supported in
> this kernel".
> You've not enabled whatever goo ipchains wants.
Understood but in make menuconfig - it's not intrinsically obvious which
switch controls ipchains - except that if you enable one of the aspects of
netfilter, it denies all availability to use ipchains.
> I forget what all you want, but it should be listed in Rusty's guide.
> > Kernel sources were the RedHat 7.1 from the CD (mistake?).
> If you're running 7.1 you should be able to use either ipchains
> or iptables
> out of the box.
> > Many more questions on compiling kernel tomorrow but for now...
> >
> > Is it possible to compile kernel (2.4.x) and still use ipchains?
> Yup, default install of RedHat 7.1 uses 2.4.x and ipchains.
I see that but could never compile a kernel that could do that.
> > Does anyone know of THOROUGH rulesets for iptables/netfilter?
> I haven't tried either of them yet, but I see ferm and knetfilter
> in debian
> unstable. knetfilter says it's a GUI.
> > Does anyone know of utility to translate ipchains rulesets to
> > iptables/netfilter (I am understanding that port forwarding is part and
> > parcel of iptables.
> I think netfilter, aka iptables, understands ipchains commands.
> Maybe we can get Nick to respond. He knows better than I :).
looked at ferm - you still need some familiarity with iptables. didn't see
knetfilter unless that is the thing that Redhat uses and obviously on
firewall, I didn't deploy any X-stuff at all.
I'll end up writing a note to Rusty & David about some of this but I was
hoping that someone on this list had already walked this path.
I have many more questions about kernel compiling but have to get ready for
work so they will come over the weekend.