| 1 |
On Tue, 18 Aug 2009 18:11:36 -0400 |
| 2 |
"Walter Dnes" <waltdnes@××××××××.org> wrote: |
| 3 |
|
| 4 |
> IPCHAINS did the firewall job for me. Early versions of IPTABLES |
| 5 |
> were OK too. But it eventually developed the Mozilla disease, and |
| 6 |
> became a honking big routing/gatewaying/QOSing/singing/dancing |
| 7 |
> monstrosity, of which I required only a small fraction of its |
| 8 |
> "functionality". And I'm really confused as to which parts in |
| 9 |
> netfilter/xtables/iptables I need to build into the kernel. |
| 10 |
|
| 11 |
Hey, |
| 12 |
|
| 13 |
I too am a minimalist but I think you've got iptables misidentified. |
| 14 |
It has lots of features; that's not the same as saying it's bloated. |
| 15 |
More like the linux kernel (and in fact it _is_, as others have said, |
| 16 |
the linux kernel) - it supports a lot of different functionality. If |
| 17 |
you don't want a particular capability, disable it in the kernel. |
| 18 |
|
| 19 |
If you want a quick firewall setup, use |
| 20 |
http://spore.ath.cx/~dan/doc/home-firewall.html. It's what I use and my |
| 21 |
step by step guide should save you a bit of effort. |
Archives