James LeClair wrote:
> I would like to do a fresh install on this machine with woody and kernel
> 2.4 using IPTABLES to set up the same type of situation, with a
> few additional features.
>
> What would be the minimum required modules to install so as to allow the
> following to take place in the future:
>
> 1: firewalling and possibly stateful packet inspection

iptable_filter, ip_conntrack, ipt_state, ip_conntrack_ftp

> 2: port forwarding so as to allow external requests from the internet to
> be forwarded from my router to the appropriate server on internal network

ipt_REDIRECT

> 3: masquerading to allow all internal computers to access internet

iptable_nat, ip_nat_ftp

> Also, is there a script out there that could convert my existing IPCHAINS
> ruleset to at least get me started?

Won't be too hard to do yourself. Besides stateful packet filtering, the
biggest changes between IPChains and IPTables are:

1) There is a separate NAT table with its own chains to handle redirects,
   masquerading, etc.
2) Instead of passing through all 3 chains (INPUT, FORWARD, OUTPUT), a
   forwarded packet will only pass through the FORWARD chain.

If you need more help, you can study the man page for IPTables or search
Google for "IPTables HOWTO" or something similar.

Adam
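
Added example, not part of the original message: a shell function that prints an iptables-restore ruleset covering the three requirements, laid out to show the two differences described above (NAT rules live in their own table; routed packets are filtered only in FORWARD). The interface names, addresses and port are constructed sample values, and the port forward uses the DNAT target because the destination server is a separate internal host.

```sh
#!/bin/sh
# Added example: print an iptables-restore ruleset for a NAT gateway.
# All interface names, addresses and ports passed in are assumptions.

gen_ruleset() {
    # usage: gen_ruleset WAN_IF LAN_IF LAN_NET SERVER_IP PORT
    [ "$#" -eq 5 ] || { echo "usage: gen_ruleset WAN_IF LAN_IF LAN_NET SERVER_IP PORT" >&2; return 2; }
    wan=$1 lan=$2 net=$3 srv=$4 port=$5
    # Reject a port that is not an integer in 1..65535.
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;; esac
    { [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; } || { echo "bad port: $port" >&2; return 2; }
    cat <<EOF
# nat table: address rewriting only, no accept/drop decisions here
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# port forward: rewrite the destination before the routing decision
-A PREROUTING -i $wan -p tcp --dport $port -j DNAT --to-destination $srv:$port
# masquerade: internal hosts leave with the gateway's external address
-A POSTROUTING -o $wan -s $net -j MASQUERADE
COMMIT
# filter table: default deny on INPUT and FORWARD
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# INPUT covers only packets addressed to the gateway itself
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $lan -s $net -j ACCEPT
# FORWARD is the only filter chain a routed packet traverses
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan -o $wan -s $net -m state --state NEW -j ACCEPT
# the forwarded port is matched on its post-DNAT address
-A FORWARD -i $wan -o $lan -p tcp -d $srv --dport $port -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# Constructed sample values; review the output, then load it with iptables-restore.
gen_ruleset eth0 eth1 192.168.1.0/24 192.168.1.10 80
```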