Le jeu 29/04/2004 à 19:45, Kevin W. Gagel a écrit : > Has all support been dropped for ipchains? ipchains support has been dropped from 2.6 kernels. > Is there a need to change from ipchains to iptables? As it is not supported since 2.4, I would say yes. Regarding Netfilter's functionnalities, opposed to ipchains ones, I would say DE-FI-NI-TLY yes. Stateful filtering is a major improvement, for both security and ease of ruleset writing (once understood), and NAT capabilities are far behond what ipchains can do (all NAT forms supported), not to mention all available matches and targets, mangle stuff and existing extensions such as l7-filter. So, imho, the question would be, is there any need to stay with ipchains on new kernels ? Except lazyness of course :) -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!
