iptables (was port forwading)

Patrick Fleming EA plug-discuss@lists.plug.phoenix.az.us
Mon, 18 Mar 2002 15:12:37 -0700 (MST) 

On 18 Mar 2002, Carl Parrish wrote:

> On Mon, 2002-03-18 at 12:48, Kevin Brown wrote:
> > > > Or ipchains is already loaded and so you can't load iptables.
> > > >
> > > > lsmod
> > > 
> > > Ahhhh yeah ipchain *is* loaded (didn't know you couldn't have them both
> > > loaded). hmmm so does that mean that I *do* have to rewrite all my
> > > ipchain rules or can I run ipchain rules under iptables?? I seem to
> > > remember someone somewhere saying that there was backward compatbility
> > 
> > I believe (and somebody correct me if I'm wrong) that by default the RH kernels
> > have both ipchains and ipfwadm compatibility support builtin.  I would recommend
> > rewriting your rules any ways.
> > 
> Uh doesn't look like it so far. iptables did *not* like the ipchain
> commands. I wanted to save rewriting the rules until a weekend as I have
> a *lot* of rules. So for now I think I'll keep looking for ipchins
> compatibility thanks for all your help though. (i'm *much* closer than I
> was this mornging 
> 

When I switched to iptables I found that I had about 10% of the number of 
rules as I had when running ipchains. Filtering multiple ports on a single 
line and using the ESTABLISHED,RELATED matching rules made this a far 
easier task than I first anticipated.
The only thing I had to use "extra" rules for was to block the stupid 
Windoze machines from trying to access things on the net that I didn't 
care for... and if I ever get around to it again- to stomp the ad sites 
from hogging browser bandwidth.




> 
> > rmmod ipchains
> > insmod iptables
> 
> Just for the sake of the archives on RH 7.2 the command was insmod
> ip_tables
> 
> 
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
> 
> PLUG-discuss mailing list  -  PLUG-discuss@lists.plug.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> 

-- 
Patrick Fleming, EA
Licensed to represent taxpayers
before Exam, Appeals, and Conference 
divisions of the IRS