- Until recently, ipchains was used for RedHat. It's still
the choice on many Linux distributions
- ipchains and iptables are similar. They are fully-featured
firewalls at the port, source and destination level. (They can't
look at the payload)
- As Toxen describes, it's inexpensive and very effective to use
a Linux computer running ipchains or iptables as a firewall, even in
high-bandwidth situations
- The man page for iptables describes
the basic functionality, but not in much detail
- Here is the iptables file from blue
(/etc/sysconfig/iptables). Do you know why each line is there?
- You can modify iptables (cautiously!) while it is running. You
can also edit the iptables configuration file then restart the
iptables via the /etc/rc.d/init.d/iptables restart command. Similar
methods exist for other systems, and for ipchains.
|