Re: iptables vs ipchains?
From: Cedric Blancher (blancher_at_cartel-securite.fr)
Date: 08/08/03
- Next message: David: "Re: Possible Trojan Question"
- Previous message: kj: "iptables vs ipchains?"
- In reply to: kj: "iptables vs ipchains?"
- Next in thread: erik: "Re: iptables vs ipchains?"
- Reply: erik: "Re: iptables vs ipchains?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 08 Aug 2003 08:05:13 +0200
Dans sa prose, kj nous ecrivait :
> I currently run iptables in a 2.4.21 kernel, but I have to go back to
> 2.2.25 kernel for some issues.
> The box sits on the internet, with only http and ssh open, having the rest
> of my system on ipmasq/NAT behind it.
> Is running ipchains safe enough?
Yes it is.
You will lose stateful filtering, but there's no critical loss when you
only filter simple local services like HTTP or SSH. FTP filtering would
have raised an issue, but as you do not provide it, it's OK.
For ipmasq, no problem as well. When you say ipmasq/NAT, do you mean
there's port redirection from public IP to LAN ?
-- BOFH excuse #378: Operators killed by year 2000 bug bite.
- Next message: David: "Re: Possible Trojan Question"
- Previous message: kj: "iptables vs ipchains?"
- In reply to: kj: "iptables vs ipchains?"
- Next in thread: erik: "Re: iptables vs ipchains?"
- Reply: erik: "Re: iptables vs ipchains?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
