Changeset e760c5c
- Timestamp:
- 05/05/2003 06:09:38 PM (21 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 12.2, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gimp3, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, v5_0, v5_0-pre1, v5_1, v5_1-pre1, xry111/for-12.3, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/spidermonkey128, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 0ec6331c
- Parents:
- 28a9992
- Files:
-
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
introduction/welcome/changelog.xml
r28a9992 re760c5c 10 10 11 11 <itemizedlist> 12 13 <listitem><para>May 5th, 2003 [larry]: postlfs: updated to 14 iptables-1.2.8.</para></listitem> 12 15 13 16 <listitem><para>May 5th, 2003 [larry]: multimedia: updated to -
postlfs/security/iptables.xml
r28a9992 re760c5c 5 5 <para>The next part of this chapter deals with firewalling. The 6 6 principle firewalling tool for Linux, as of the 2.4 kernel series, is 7 iptables. It replaces ipchains from the 2.2 series and ipfwadm from the 8 2.0 series. You will need to install iptables if you intend on 9 using any form of firewalling.</para> 7 <application>iptables</application>. It replaces 8 <application>ipchains</application> from the 2.2 series and 9 <application>ipfwadm</application> from the 10 2.0 series. You will need to install <application>iptables</application> if 11 you intend on using any form of firewalling.</para> 10 12 11 13 &iptables-intro; -
postlfs/security/iptables/iptables-desc.xml
r28a9992 re760c5c 2 2 <title>Contents</title> 3 3 4 <para>The iptables-package contains < userinput>iptables</userinput>,5 < userinput>ip6tables</userinput> and some libraries.</para>4 <para>The iptables-package contains <command>iptables</command>, 5 <command>ip6tables</command> and some libraries.</para> 6 6 7 7 </sect2> … … 10 10 11 11 <sect3><title>iptables</title> 12 <para> iptables is used to set up, maintain, and inspect the tables of IP packet13 filter rules in the Linux kernel.</para>12 <para><command>iptables</command> is used to set up, maintain, and inspect the 13 tables of <acronym>IP</acronym> packet filter rules in the Linux kernel.</para> 14 14 </sect3> 15 15 16 16 <sect3><title>iptables-save, ~-restore</title> 17 <para>These are used to save and to restore your elaborated set of chains and rules. Until iptables-1.2.5 they were declared experimental.</para> 17 <para>These are used to save and to restore your elaborated set of chains and 18 rules. Until <application>iptables</application>-1.2.5 they were declared 19 experimental.</para> 18 20 </sect3> 19 21 20 22 <sect3 id="ip6tables" xreflabel="ip6tables"><title>ip6tables</title> 21 <para>This is the same as iptables but for use with IPv6. As of v1.2.5,22 it is not as complete as the standard IPv4 version, especially with 23 regard to some of the modules.</para>23 <para>This is the same as <command>iptables</command> but for use with 24 <acronym>IP</acronym>v6. As of v1.2.5, it is not as complete as the standard 25 <acronym>IP</acronym>v4 version, especially with regard to some of the modules.</para> 24 26 </sect3> 25 27 26 28 <sect3><title>libip*.so</title> 27 29 <para>These are various modules (implemented as dynamic libraries) which 28 extend the core functionality of iptables.</para>30 extend the core functionality of <command>iptables</command>.</para> 29 31 </sect3> 30 32 -
postlfs/security/iptables/iptables-exp.xml
r28a9992 re760c5c 2 2 <title>Command explanations</title> 3 3 4 <para><userinput>PREFIX=/usr</userinput> : Compiles and installs 5 iptables into the <filename>/usr</filename> hierarchy instead 6 of <filename>/usr/local</filename>.</para> 4 <para><command>PREFIX=/usr</command> : Compiles and installs 5 <application>iptables</application> into the <filename class="directory"> 6 /usr</filename> hierarchy instead of <filename class="directory">/usr/local 7 </filename>.</para> 7 8 8 9 </sect2> -
postlfs/security/iptables/iptables-inst.xml
r28a9992 re760c5c 1 1 <sect2> 2 <title>Installation of iptables</title>2 <title>Installation of <application>iptables</application></title> 3 3 4 <para>Install iptablesby running the following commands:</para>4 <para>Install <application>iptables</application> by running the following commands:</para> 5 5 6 < para><screen><userinput>make PREFIX=/usr &&7 make PREFIX=/usr install</ userinput></screen></para>6 <screen><userinput><command>make PREFIX=/usr && 7 make PREFIX=/usr install</command></userinput></screen> 8 8 9 9 </sect2> -
postlfs/security/iptables/iptables-intro.xml
r28a9992 re760c5c 1 1 <sect2> 2 <title>Introduction to iptables</title>2 <title>Introduction to <application>iptables</application></title> 3 3 4 <screen>Download location (HTTP): <ulink url="&iptables-download-http;"/> 5 Download location (FTP): <ulink url="&iptables-download-ftp;"/> 6 Version used: &iptables-version; 7 Package size: &iptables-size; 8 Estimated Disk space required: &iptables-buildsize;</screen> 9 10 <para>To use firewalling, as well as installing iptables, you will need 4 <para>To use firewalling, as well as installing 5 <application>iptables</application>, you will need 11 6 to configure the relevant options into your kernel. This is discussed 12 7 in the next part of this chapter - <xref linkend="postlfs-security-fw-kernel"/>.</para> 13 8 14 <para>If you intend to use IPv6 you might consider extending the kernel15 by running <userinput>make patch-o-matic</userinput> in the top-level16 directory of the sources of iptables. If you are going to do this, on a17 freshly untarred kernel, you need to run <userinput>yes "" | make config 18 && make dep</userinput> first because otherwise the 19 patch-o-matic command is likely to fail while setting up9 <para>If you intend to use <acronym>IP</acronym>v6 you might consider extending 10 the kernel by running <command>make patch-o-matic</command> in the top-level 11 directory of the sources of <application>iptables</application>. If you are 12 going to do this, on a freshly untarred kernel, you need to run 13 <command>yes "" | make config && make dep</command> first because 14 otherwise the patch-o-matic command is likely to fail while setting up 20 15 some dependencies.</para> 21 16 22 17 <para>If you are going to patch the kernel, you need to do it before you 23 compile iptables, because during the compilation, the kernel source tree 24 is checked (if it is available at <filename>/usr/src/linux</filename> to 25 see which features are available. Support will only be compiled into 26 iptables for the features recognized at compile-time. Applying a kernel 27 patch may result in errors, often because the hooks for the patches 28 have changed or because the runme script doesn't recognize that a patch 29 has already been incorporated.</para> 18 compile <application>iptables</application>, because during the compilation, 19 the kernel source tree is checked (if it is available at <filename 20 class="directory">/usr/src/linux-<replaceable>[version]</replaceable> 21 </filename> to see which features are available. Support will only be compiled 22 into <application>iptables</application> for the features recognized at 23 compile-time. Applying a kernel patch may result in errors, often because the 24 hooks for the patches have changed or because the runme script doesn't 25 recognize that a patch has already been incorporated.</para> 30 26 31 27 <para>Note that for most people, patching the kernel is unnecessary. … … 35 31 unlikely to need to!</para> 36 32 33 <sect3><title>Package information</title> 34 <itemizedlist spacing='compact'> 35 <listitem><para>Download (HTTP): <ulink 36 url="&iptables-download-http;"/></para></listitem> 37 <listitem><para>Download (FTP): <ulink 38 url="&iptables-download-ftp;"/></para></listitem> 39 <listitem><para>Download size: &iptables-size;</para></listitem> 40 <listitem><para>Estimated Disk space required: 41 &iptables-buildsize;</para></listitem> 42 <listitem><para>Estimated build time: 43 &iptables-time;</para></listitem></itemizedlist> 44 </sect3> 45 46 37 47 </sect2> -
postlfs/security/iptables/iptables.ent
r28a9992 re760c5c 4 4 <!ENTITY iptables-exp SYSTEM "iptables-exp.xml"> 5 5 <!ENTITY iptables-desc SYSTEM "iptables-desc.xml"> 6 <!ENTITY iptables-buildsize "2. 4MB">7 <!ENTITY iptables-version "1.2. 7a">6 <!ENTITY iptables-buildsize "2.8 MB"> 7 <!ENTITY iptables-version "1.2.8"> 8 8 <!ENTITY iptables-download-http "http://www.iptables.org/files/iptables-&iptables-version;.tar.bz2"> 9 9 <!ENTITY iptables-download-ftp "ftp://ftp.netfilter.org/pub/iptables/iptables-&iptables-version;.tar.bz2"> 10 <!ENTITY iptables-size "115 KB"> 10 <!ENTITY iptables-size "128 KB"> 11 <!ENTITY iptables-time "0.28 SBU">
Note:
See TracChangeset
for help on using the changeset viewer.