[TriLUG] Debian woody and ipchains/iptables
crimsun at fungus.sh.nu
crimsun at fungus.sh.nu
Sun Oct 31 08:32:15 EST 2004
On Sun, Oct 31, 2004 at 08:27:47AM -0500, Tom Bryan wrote:
> like. Since the install gave me a 2.2 kernel, I tried ipchains -L. I got an
> error message saying that ipchains was not compatible with my kernel. I
> noticed that iptables was also installed. So, I tried running iptables -L,
> hoping that Debian simply installed a 2.2 kernel with whatever it needed for
> iptables instead of ipchains. Nope. I get an error saying
netfilter+iptables is only available for 2.4+ kernels.
The easiest upgrade path is:
# apt-get install kernel-image-2.4.18-1-x86
where you'd replace 'x' with {3,5,6} depending on whether you have an
i386, Pentium, or Pentium Pro (or newer) CPU. When in doubt, use 386.
After that's finished (you'll have to reboot into 2.4.18), use:
# apt-get install shorewall
and check out the documentation here:
http://shorewall.net/1.2/shorewall_quickstart_guide.htm
Debian Woody ships with Shorewall 1.2, which the web site says is no
longer supported. Never fear. There are a bevy of other tools and
scripts you can install via apt-get, dselect, aptitude, synaptic, etc.:
$ apt-cache search iptables
Among the relevant returns are: ferm, firewall-easy, fwbuilder-iptables.
The basics are highly sane, so you'll be able to move between different
tools and scripts easily in time.
--
Daniel T. Chen crimsun at fungus.sh.nu
GPG key: www.sh.nu/~crimsun/pubkey.gpg.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://www.trilug.org/pipermail/trilug/attachments/20041031/ab6b1a76/attachment.pgp>
More information about the TriLUG
mailing list