[Gllug] installing iptables

Rickey Costas rickey at lefteris.co.uk
Mon Nov 26 16:41:44 UTC 2001


Hi Will,

For iptables, there are three parts to making it work.

1. The kernel part.  This needs to either be compiled in, or compiled as a
module.  You'll need to be comfortable with kernel compilation for that.
Have a read of http://www.linuxdoc.org/HOWTO/Kernel-HOWTO.html if you don't
already know it. Technically it is possible to compile and run kernel
modules without having to reboot, but it can prove difficult to actually pull
off.

2. The userspace part. This you download (from http://netfilter.samba.org/)
and compile separately.  Follow the instructions with the download.

3. Configuration.  You can either roll your own (reading the HOWTOs on
http://netfilter.samba.org/) or get an iptables configuration script or tool
from freshmeat (typing iptables into the search gadget gets you a few).
First of all you should probably try and read the docs and do it by hand;
this'll really be useful if you do try some of the scripts or tools (and
have a problem), or want to do something that the scripts' authors hadn't
thought about. There's also a fair bit of documentation about these days
too. Ask here if you get any config problems.


I don't use RedHat, but I know that iptables development moves quite fast.
The distributions do lag behind, and there have been vulnerabilities found
in older iptables code. So whilst RedHat may provide you with easier ways
of getting the code onto your box, you should get up-to-date releases or at
least check to make sure that there aren't any bugs or vulnerabilities that
are gonna hit you.


Hope that helps,

Rickey.
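
An added example, not part of the original message: a shell check for the kernel part described in step 1, reporting whether netfilter/iptables support is compiled in, built as a module, or missing from a kernel config. The three option names checked are this example's assumption of the minimum needed for the basic filter table, and the sample config is constructed.

```sh
#!/bin/sh
# Added example: classify netfilter options in a kernel .config file.

# Print "builtin" (=y), "module" (=m) or "missing" (absent / "is not set").
# $1 = path to a kernel config file, $2 = option name
nf_opt_state() {
    val=$(sed -n "s/^$2=\(.*\)\$/\1/p" "$1" | head -n 1)
    case "$val" in
        y) echo builtin ;;
        m) echo module ;;
        *) echo missing ;;
    esac
}

# Verdict for the kernel part:
#   ready        - everything is compiled into the kernel
#   load-modules - at least one piece is a module that must be loaded first
#   rebuild      - an option is missing; the kernel needs recompiling
# Per-option detail goes to stderr, the verdict to stdout.
iptables_kernel_verdict() {
    verdict=ready
    # Assumed minimum set for the filter table (this example's choice).
    for opt in CONFIG_NETFILTER CONFIG_IP_NF_IPTABLES CONFIG_IP_NF_FILTER; do
        state=$(nf_opt_state "$1" "$opt")
        echo "$opt: $state" >&2
        case "$state" in
            missing) verdict=rebuild ;;
            module)  if [ "$verdict" = ready ]; then verdict=load-modules; fi ;;
        esac
    done
    echo "$verdict"
}

# Demo on a constructed config. On a real box, pass the .config from your
# kernel source tree (or the config file your distribution installs).
sample=$(mktemp)
cat > "$sample" <<'EOF'
CONFIG_NETFILTER=y
CONFIG_IP_NF_IPTABLES=m
# CONFIG_IP_NF_FILTER is not set
EOF
echo "verdict: $(iptables_kernel_verdict "$sample")"
rm -f "$sample"
```

A `rebuild` verdict means going back to the kernel compilation step before the userspace tool or any ruleset will work.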


