Ipchains: Difference between revisions

ipchains
Developer(s)	Rusty Russell
Initial release	pre-1998; 26 years ago
Final release	1.3.10 / October 6, 2000; 23 years ago
Written in	C
Operating system	Linux
Platform	Linux kernel
Successor	iptables
Type	Packet filter management
License	GPL
Website	people.netfilter.org/rusty/ipchains/

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Inline

Latest revision as of 18:09, 12 May 2024

Linux IP Firewalling Chains, normally called ipchains, is free software to control the packet filter or firewall capabilities in the 2.2 series of Linux kernels. It superseded ipfirewall (managed by ipfwadm command), but was replaced by iptables in the 2.4 series. Unlike iptables, ipchains is stateless.

It is a rewrite of Linux's previous IPv4 firewall, ipfirewall. This newer ipchains was required to manage the packet filter in Linux kernels starting with version 2.1.102 (which was a 2.2 development release). Patches are also available to add ipchains to 2.0 and earlier 2.1 series kernels. Improvements include larger maxima for packet counting, filtering for fragmented packets and a wider range of protocols, and the ability to match packets based on the inverse of a rule.^[1]

The ipchains suite also included some shell scripts for easier maintenance and to emulate the behavior of the old ipfwadm command.

The ipchains software was superseded by the iptables system in Linux kernel 2.4 and above,^[2] which was in turn superseded by the nftables system in 2014.

References[edit]

^ Russell, Rusty (2000-07-04). "Linux IPCHAINS-HOWTO" (version 1.0.8 ed.). Archived from the original on 2012-02-16. Retrieved 2009-02-08.
^ "netfilter/iptables project homepage". 2009-02-06. Retrieved 2009-02-08.

External links[edit]

IPChains HOWTO: on TLDP and on FAQs.org

[1] Russell, Rusty (2000-07-04). "Linux IPCHAINS-HOWTO" (version 1.0.8 ed.). Archived from the original on 2012-02-16. Retrieved 2009-02-08.

[2] "netfilter/iptables project homepage". 2009-02-06. Retrieved 2009-02-08.

[1]

[2]

@@ Line 1: / Line 1: @@
+{{Short description|User-space portion of Linux kernel packet filtering system}}
 {{lowercase|title=ipchains}}
 {{Infobox software
@@ Line 6: / Line 7: @@
 |author                     =
 |developer                  = [[Rusty Russell]]
-|released                   = pre-1998 <!-- {{Start date|YYYY|MM|DD}} -->
+|released                   = pre-{{Start date and age|1998}}
 |latest release version     = 1.3.10
 |latest release date        = {{Start date and age|2000|10|6}}
@@ Line 16: / Line 17: @@
 |size                       =
 |language                   =
-|status                     = Unmaintained; superseded by [[iptables]]
+|discontinued               = yes
+|replaced_by                = [[iptables]]
 |genre                      = [[Packet filter]] management
-|license                    = [[GNU Public License|GPL]]
+|license                    = [[GNU General Public License|GPL]]
-|website                    = [http://people.netfilter.org/~rusty/ipchains/]
+|website                    = {{URL|https://people.netfilter.org/rusty/ipchains/}}
 }}
-'''Linux IP Firewalling Chains''', normally called '''ipchains''', is [[free software]] to control the [[packet filter]]/[[firewall (networking)|firewall]] capabilities in the 2.2 series of [[Linux kernel]]s.  It superseded [[ipfwadm]], but was replaced by [[iptables]] in the 2.4 series. Unlike iptables, ipchains is stateless.
+'''Linux IP Firewalling Chains''', normally called '''ipchains''', is [[free software]] to control the [[packet filter]] or [[firewall (networking)|firewall]] capabilities in the 2.2 series of [[Linux kernel]]s. It superseded [[ipfirewall]] (managed by '''ipfwadm''' command), but was replaced by [[iptables]] in the 2.4 series. Unlike iptables, ipchains is [[Stateful firewall|stateless]].
-It is a rewrite of Linux's previous [[IPv4]] [[firewall (networking)|firewall]], [[ipfwadm]].  This newer ipchains was required to manage the [[packet filter]] in [[Linux kernel]]s starting with version 2.1.102 (which was a 2.2 development release).  Patches are also available to add ipchains to 2.0 and earlier 2.1 series kernels.  Improvements include larger maximums for packet [[counting]], filtering for [[IP fragmentation|fragmented packets]] and a wider range of [[protocol (computing)|protocols]], and the ability to match packets based on the inverse of a rule.<ref>{{cite web | url = http://people.netfilter.org/~rusty/ipchains/HOWTO-1.html | title = Linux IPCHAINS-HOWTO | last = Russell | first = Rusty | chapter = 1 | version 1.0.8 | date = 2000-07-04 | accessdate = 2009-02-08 }}</ref>
+It is a rewrite of Linux's previous [[IPv4]] [[firewall (networking)|firewall]], [[ipfirewall]]. This newer ipchains was required to manage the [[packet filter]] in [[Linux kernel]]s starting with version 2.1.102 (which was a 2.2 development release). Patches are also available to add ipchains to 2.0 and earlier 2.1 series kernels. Improvements include larger maxima for packet [[counting]], filtering for [[IP fragmentation|fragmented packets]] and a wider range of [[protocol (computing)|protocols]], and the ability to match packets based on the inverse of a rule.<ref>{{cite web | url = http://people.netfilter.org/~rusty/ipchains/HOWTO-1.html | title = Linux IPCHAINS-HOWTO | last = Russell | first = Rusty | edition = version 1.0.8 | date = 2000-07-04 | accessdate = 2009-02-08 | url-status = dead | archiveurl = https://web.archive.org/web/20120216060037/http://people.netfilter.org/~rusty/ipchains/HOWTO-1.html | archivedate = 2012-02-16 }}</ref>
-The ipchains suite also included some shell scripts for easier maintenance and to emulate the behavior of the old [[ipfwadm]] command.
+The ipchains suite also included some shell scripts for easier maintenance and to emulate the behavior of the old '''ipfwadm''' command.
-The ipchains software was superseded by the [[iptables]] system in [[Linux kernel]] 2.4 and above.<ref>{{cite web | url = http://www.netfilter.org/ | title = netfilter/iptables project homepage | date = 2009-02-06 | accessdate = 2009-02-08 }}</ref>
+The ipchains software was superseded by the [[iptables]] system in [[Linux kernel]] 2.4 and above,<ref>{{cite web | url = http://www.netfilter.org/ | title = netfilter/iptables project homepage | date = 2009-02-06 | accessdate = 2009-02-08 }}</ref> which was in turn superseded by the [[nftables]] system in 2014.
 ==References==
-{{Reflist}}
+{{reflist}}
 ==External links==
-{{Portal|Free software}}
+{{Portal|Free and open-source software}}
-* IPChains HOWTO: [http://tldp.org/HOWTO/IPCHAINS-HOWTO.html on TDLP] and [http://www.faqs.org/docs/Linux-HOWTO/IPCHAINS-HOWTO.html on FAQs.org]
+* IPChains HOWTO: [http://tldp.org/HOWTO/IPCHAINS-HOWTO.html on TLDP] and [http://www.faqs.org/docs/Linux-HOWTO/IPCHAINS-HOWTO.html on FAQs.org]
+{{Firewall software}}
+{{Linux kernel}}
-[[Category:Configuration management]]
 [[Category:Discontinued software]]
 [[Category:Firewall software]]
@@ Line 45: / Line 49: @@
 [[Category:Linux kernel features]]
 [[Category:Linux security software]]
-[[cs:Ipchains]]
-[[de:Ipchains]]
-[[es:Ipchains]]
-[[fr:Ipchains]]
-[[it:Ipchains]]
-[[pl:Ipchains]]
-[[ru:Ipchains]]