Between ipchains and iptables please? I know mandrake 7.2 uses ipchains and 8.0 uses iptables by default, but what is the difference? I was going to use PMFirewall to set up a firewall ruleset in 7.2 as that used ipchains, but then Mandrake went and scuppered that idea by releasing 8.0 :wink:

So now in 8.0 I have been told to use Firestarter as that works with iptables.

But I'd really be interested to know what they are :)

I'll start with the obvious.

Firewalling is all about having the machine forward on some IP packets but not others. In order to do this, you need to tell it which packets to let through, and which packets not to let through, and it then has to put those rules into effect. ipchains and iptables are two different ways of doing this. ipchains was in 2.2, iptables is better and is in 2.4. The main difference in functionality is that iptables is stateful, whereas ipchains is stateless. This means that ipchains looks at each packet and applies the same rules each time. iptables can make decisions based on what's happened in the past - which is useful for detecting scans, limiting DOS attacks, etc.

You should probably use iptables.

HTH

AEF

Thanks a lot :)