Ipchains: Difference between revisions

ipchains
Developer(s)	Rusty Russell
Initial release	pre-1998
Stable release	1.3.10 / October 6, 2000; 23 years ago
Written in	C
Operating system	Linux
Platform	Linux kernel
Type	Packet filter management
License	GPL
Website	[1]

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 23:20, 9 December 2012

Linux IP Firewalling Chains, normally called ipchains, is free software to control the packet filter/firewall capabilities in the 2.2 series of Linux kernels. It superseded ipfwadm, but was replaced by iptables in the 2.4 series. Unlike iptables, ipchains is stateless.

It is a rewrite of Linux's previous IPv4 firewall, ipfwadm. This newer ipchains was required to manage the packet filter in Linux kernels starting with version 2.1.102 (which was a 2.2 development release). Patches are also available to add ipchains to 2.0 and earlier 2.1 series kernels. Improvements include larger maxima for packet counting, filtering for fragmented packets and a wider range of protocols, and the ability to match packets based on the inverse of a rule.^[1]

The ipchains suite also included some shell scripts for easier maintenance and to emulate the behavior of the old ipfwadm command.

The ipchains software was superseded by the iptables system in Linux kernel 2.4 and above.^[2]

References

^ Russell, Rusty (2000-07-04). "Linux IPCHAINS-HOWTO". Retrieved 2009-02-08. {{cite web}}: |chapter= ignored (help); Text "version 1.0.8" ignored (help)
^ "netfilter/iptables project homepage". 2009-02-06. Retrieved 2009-02-08.

External links

IPChains HOWTO: on TDLP and on FAQs.org

[1] Russell, Rusty (2000-07-04). "Linux IPCHAINS-HOWTO". Retrieved 2009-02-08. {{cite web}}: |chapter= ignored (help); Text "version 1.0.8" ignored (help)

[2] "netfilter/iptables project homepage". 2009-02-06. Retrieved 2009-02-08.

[1]

[2]

@@ Line 24: / Line 24: @@
 '''Linux IP Firewalling Chains''', normally called '''ipchains''', is [[free software]] to control the [[packet filter]]/[[firewall (networking)|firewall]] capabilities in the 2.2 series of [[Linux kernel]]s.  It superseded [[ipfwadm]], but was replaced by [[iptables]] in the 2.4 series. Unlike iptables, ipchains is stateless.
-It is a rewrite of Linux's previous [[IPv4]] [[firewall (networking)|firewall]], [[ipfwadm]].  This newer ipchains was required to manage the [[packet filter]] in [[Linux kernel]]s starting with version 2.1.102 (which was a 2.2 development release).  Patches are also available to add ipchains to 2.0 and earlier 2.1 series kernels.  Improvements include larger maximums for packet [[counting]], filtering for [[IP fragmentation|fragmented packets]] and a wider range of [[protocol (computing)|protocols]], and the ability to match packets based on the inverse of a rule.<ref>{{cite web | url = http://people.netfilter.org/~rusty/ipchains/HOWTO-1.html | title = Linux IPCHAINS-HOWTO | last = Russell | first = Rusty | chapter = 1 | version 1.0.8 | date = 2000-07-04 | accessdate = 2009-02-08 }}</ref>
+It is a rewrite of Linux's previous [[IPv4]] [[firewall (networking)|firewall]], [[ipfwadm]].  This newer ipchains was required to manage the [[packet filter]] in [[Linux kernel]]s starting with version 2.1.102 (which was a 2.2 development release).  Patches are also available to add ipchains to 2.0 and earlier 2.1 series kernels. Improvements include larger maxima for packet [[counting]], filtering for [[IP fragmentation|fragmented packets]] and a wider range of [[protocol (computing)|protocols]], and the ability to match packets based on the inverse of a rule.<ref>{{cite web | url = http://people.netfilter.org/~rusty/ipchains/HOWTO-1.html | title = Linux IPCHAINS-HOWTO | last = Russell | first = Rusty | chapter = 1 | version 1.0.8 | date = 2000-07-04 | accessdate = 2009-02-08 }}</ref>
 The ipchains suite also included some shell scripts for easier maintenance and to emulate the behavior of the old [[ipfwadm]] command.