SourceFiles.org - Use the Source, Luke
Home | Register | News | Forums | Guide | MyLinks | Bookmark

Related Sites

Latest News
  General News
  Reviews
  Press Releases
  Software
  Hardware
  Security
  Tutorials
  Off Topic


Back to files

If your kernel version is before 2.1.102; you need the ipfwchains patch to the 2.1.x or 2.0.x kernel series.

You need to be running a kernel compiled with CONFIG_IP_FIREWALL (for 2.1.102 and above) or CONFIG_IP_FIREWALL_CHAINS set to `y'. You can tell that your current kernel is compiled with this by looking for `/proc/net/ip_fwchains' - if it exists, then your kernel is ready for the ipchains utility.

You should be able to simply type "make all", then (as root) "make install"; this will put the ipchains binary in /sbin/ipchains, and the man pages in /usr/man/man4/ipfw.4 and /usr/man/man8/ipchains.8. Set SBIN and MANDIR repectively (by specifying SBIN=xxx and/or MANDIR=xxx on "make install" command line, or editing the Makefile).

See the HOWTO (available from the web page at http://www.rustcorp.com/linux/ipchains) for details. Included is an excellent quick reference card by Scott Bronson, in PostScript (best printed double-side). This was written in WordPerfect 8 on Linux; you can get the WordPerfect source from

ftp://ftp.trestle.com/pub/ipchains-quickref.xwp

The concept and chunks of the implementation were grabbed from ipfwadm 2.3; the name has been changed to avoid confusion, as `ipfwadm' will NOT work with kernels with the new firewall code. Also, I took the opportunity to rationalize the command line parameters, making it perhaps more difficult for ipfwadm users (not necessarily a bad thing, as it highlights the differences) but hopefully making things more sane in the long run.

In recognition of the fantastic work done by Jos Vos, without whom I would have had no code or concepts to guide me, here is the original copyright notice from many of the files. (Do NOT contact Jos with problems in these utilities; they are almost certainly things I wrecked, and complaining to him would be unfair and unrewarding). 

        Copyright (c) 1995,1996 by X/OS Experts in Open Systems BV.
        All rights reserved.

        Author: Jos Vos <jos@xos.nl>

                X/OS Experts in Open Systems BV
                Kruislaan 419
                1098 VA  Amsterdam
                The Netherlands

                E-mail: info@xos.nl
                WWW:    http://www.xos.nl/

Paul ``Rusty'' Russell & Michael Neuling. ipchains@rustcorp.com


Other Sites

Discussion Groups
  Beginners
  Distributions
  Networking / Security
  Software
  PDAs

About | FAQ | Privacy | Awards | Contact
Comments to the webmaster are welcome.
Copyright 2006 Sourcefiles.org All rights reserved.