1 |
On Tue, 18 Aug 2009 18:11:36 -0400 |
2 |
"Walter Dnes" <waltdnes@××××××××.org> wrote: |
3 |
|
4 |
> IPCHAINS did the firewall job for me. Early versions of IPTABLES |
5 |
> were OK too. But it eventually developed the Mozilla disease, and |
6 |
> became a honking big routing/gatewaying/QOSing/singing/dancing |
7 |
> monstrosity, of which I required only a small fraction of its |
8 |
> "functionality". And I'm really confused as to which parts in |
9 |
> netfilter/xtables/iptables I need to build into the kernel. |
10 |
|
11 |
Hey, |
12 |
|
13 |
I too am a minimalist but I think you've got iptables misidentified. |
14 |
It has lots of features; that's not the same as saying it's bloated. |
15 |
More like the linux kernel (and in fact it _is_, as others have said, |
16 |
the linux kernel) - it supports a lot of different functionality. If |
17 |
you don't want a particular capability, disable it in the kernel. |
18 |
|
19 |
If you want a quick firewall setup, use |
20 |
http://spore.ath.cx/~dan/doc/home-firewall.html. It's what I use and my |
21 |
step by step guide should save you a bit of effort. |