[TriLUG] Debian woody and ipchains/iptables

Tom Bryan tbryan at python.net
Sun Oct 31 08:27:47 EST 2004


Hi, all.  I'm back to trying Debian again.  The good news is that I made more 
progress this time.  I grabbed one of the mini-CD images listed on 
http://www.debian.org/CD/netinst/, and it configured my network card from 
DHCP and let me use tasksel to get a decent system installed.

Now, I run no services that I want others to see, so the first thing that I 
want to do is put up an ipchains or iptables firewall that basically drops 
anything incoming that's not a response to one of my requests (DHCP, DNS, 
HTTP, FTP, POP, or IMAP-SSL to machines outside my network).  I also plan to 
use this box as a firewall doing NAT for the rest of my network.

The Debian Woody box runs, boots, and seems to function.  My first step after 
initial software installation was to check what my firewall rulelist looked 
like.  Since the install gave me a 2.2 kernel, I tried ipchains -L.  I got an 
error message saying that ipchains was not compatible with my kernel.  I 
noticed that iptables was also installed.  So, I tried running iptables -L, 
hoping that Debian simply installed a 2.2 kernel with whatever it needed for 
iptables instead of ipchains.  Nope.  I get an error saying

"modprobe: Can't locate module ip_tables
iptables v1.2.11: can't initialize iptables table `filter': iptables who?
(do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded."

For this machine, ipchains would be fine with me, but when I go looking for 
information on this topic, I keep finding instructions about how to upgrade 
my woody kernel to 2.4 so that I can use iptables.  That sounds like more 
work than I really want to do at the moment.  

Has anyone hit this problem with a fresh Debian Woody install?

---Tom



