Re: [fw-wiz] IPChains vs. IPTables

From: Patrick Darden (
Date: 07/24/02

From: Patrick Darden <>
To: Marc DVer <>
Date: Wed Jul 24 11:41:01 2002

IPTables allow content inspection (making sure port 80 traffic is web, 21
is ftp, etc.), making it a little better than a mere packet filter.
Truthfully, though, with tunnelling, if you don't have tight access lists
then allowing any protocol access is just as secure via packet filtering
as packet inspection. Loki uses icmp; then there's ssl tunneling, ssh,
and hosts of others....

--Patrick Darden                Internetworking Manager             
--                              706.475.3312
--                              Athens Regional Medical Center
On Wed, 24 Jul 2002, Marc DVer wrote:
> Someone suggested that I use IPTables instead of IPchains, as IPTables is
> more robust.  Is IPTables more secure for a given set of rules?
> The rules for IPChains I use can be found at
> .  This is easier than trying
> to explain what I am trying to accomplish.
> I am using RedHat 7.1 for a gateway/firewall.
> I am also looking for an online IPTables for Dummies reference, in case
> IPTables is indeed superior to IPChains.
> Sincerely,
> Marc DVer
> _______________________________________________
> firewall-wizards mailing list