- Timestamp:
- 03/11/2005 03:40:05 AM (19 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 0e3848e3
- Parents:
- 054794c
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/iptables.xml
r054794c rf8962fe 7 7 <!ENTITY iptables-download-http "http://www.iptables.org/files/iptables-&iptables-version;.tar.bz2"> 8 8 <!ENTITY iptables-download-ftp "ftp://ftp.netfilter.org/pub/iptables/iptables-&iptables-version;.tar.bz2"> 9 <!ENTITY iptables-md5sum " 0a5f5f226e41ce408a895bec995e8c05">10 <!ENTITY iptables-size "1 57 KB">11 <!ENTITY iptables-buildsize " 4.4MB">12 <!ENTITY iptables-time "0.1 3SBU">9 <!ENTITY iptables-md5sum "c3358a3bd0d7755df0b64a5063db296b"> 10 <!ENTITY iptables-size "177 KB"> 11 <!ENTITY iptables-buildsize "3.8 MB"> 12 <!ENTITY iptables-time "0.14 SBU"> 13 13 ]> 14 14 … … 20 20 <?dbhtml filename="iptables.html"?> 21 21 <title>iptables-&iptables-version;</title> 22 22 23 <indexterm zone="iptables"> 23 <primary sortas="a-Iptables">Iptables</primary>24 <primary sortas="a-Iptables">Iptables</primary> 24 25 </indexterm> 25 26 26 <para>The next part of this chapter deals with firewalls. The princip le27 <para>The next part of this chapter deals with firewalls. The principal 27 28 firewall tool for Linux, as of the 2.4 kernel series, is 28 29 <application>iptables</application>. It replaces … … 65 66 unlikely to need to!</para> 66 67 67 <sect3><title>Package information</title> 68 <sect3> 69 <title>Package information</title> 68 70 <itemizedlist spacing='compact'> 69 <listitem><para>Download (HTTP): <ulink 70 url="&iptables-download-http;"/></para></listitem> 71 <listitem><para>Download (FTP): <ulink 72 url="&iptables-download-ftp;"/></para></listitem> 73 <listitem><para>Download MD5 sum: &iptables-md5sum;</para></listitem> 74 <listitem><para>Download size: &iptables-size;</para></listitem> 75 <listitem><para>Estimated disk space required: 76 &iptables-buildsize;</para></listitem> 77 <listitem><para>Estimated build time: 78 &iptables-time;</para></listitem></itemizedlist> 71 <listitem><para>Download (HTTP): <ulink url="&iptables-download-http;"/></para></listitem> 72 <listitem><para>Download (FTP): <ulink url="&iptables-download-ftp;"/></para></listitem> 73 <listitem><para>Download MD5 sum: &iptables-md5sum;</para></listitem> 74 <listitem><para>Download size: &iptables-size;</para></listitem> 75 <listitem><para>Estimated disk space required: &iptables-buildsize;</para></listitem> 76 <listitem><para>Estimated build time: &iptables-time;</para></listitem> 77 </itemizedlist> 79 78 </sect3> 80 79 … … 84 83 <title>Installation of <application>iptables</application></title> 85 84 86 <note><para>Installation of <application>iptables</application> will fail if raw kernel headers are 87 found in <filename class='directory'>/usr/src/linux</filename> either as actual files or a symlink. 88 As of the Linux 2.6 kernel series, this directory should no longer exist because appropriate headers 89 were installed in the linux-libc-headers package during the base <acronym>LFS</acronym> installation. 90 </para></note> 85 <note> 86 <para>Installation of <application>iptables</application> will fail if raw 87 kernel headers are found in <filename 88 class='directory'>/usr/src/linux</filename> either as actual files or a 89 symlink. As of the Linux 2.6 kernel series, this directory should no longer 90 exist because appropriate headers were installed in the linux-libc-headers 91 package during the base <acronym>LFS</acronym> installation. </para> 92 93 <para>For some non-x86 architectures, the raw kernel headers may be required. 94 In that case, add the environment variable KERNEL_DIR=/usr/src/linux to the 95 make commands below.</para> 96 </note> 91 97 92 98 <para>Install <application>iptables</application> by running the following … … 136 142 137 143 <varlistentry id="iptables-prog"> 138 <term><command>iptables</command></term> 139 <listitem><para>is used to set up, maintain, and inspect the tables of 140 <acronym>IP</acronym> packet filter rules in the Linux kernel.</para> 141 <indexterm zone="iptables iptables-prog"> 142 <primary sortas="b-iptables">iptables</primary> 143 </indexterm></listitem> 144 <term><command>iptables</command></term> 145 <listitem><para>is used to set up, maintain, and inspect the tables of 146 <acronym>IP</acronym> packet filter rules in the Linux kernel.</para> 147 <indexterm zone="iptables iptables-prog"> 148 <primary sortas="b-iptables">iptables</primary> 149 </indexterm> 150 </listitem> 144 151 </varlistentry> 145 152 146 153 <varlistentry id="iptables-restore"> 147 <term><command>iptables-restore</command></term> 148 <listitem><para>is used to restore <acronym>IP</acronym> Tables from data 149 specified on <acronym>STDIN</acronym>. Use I/O redirection provided by your 150 shell to read from a file.</para> 151 <indexterm zone="iptables iptables-restore"> 152 <primary sortas="b-iptables-restore">iptables-restore</primary> 153 </indexterm></listitem> 154 <term><command>iptables-restore</command></term> 155 <listitem><para>is used to restore <acronym>IP</acronym> Tables from data 156 specified on <acronym>STDIN</acronym>. Use I/O redirection provided by your 157 shell to read from a file.</para> 158 <indexterm zone="iptables iptables-restore"> 159 <primary sortas="b-iptables-restore">iptables-restore</primary> 160 </indexterm> 161 </listitem> 154 162 </varlistentry> 155 163 156 164 <varlistentry id="iptables-save"> 157 <term><command>iptables-save</command></term> 158 <listitem><para>is used to dump the contents of an <acronym>IP</acronym> Table 159 in easily parseable format to <acronym>STDOUT</acronym>. Use I/O-redirection 160 provided by your shell to write to a file.</para> 161 <indexterm zone="iptables iptables-save"> 162 <primary sortas="b-iptables-save">iptables-save</primary> 163 </indexterm></listitem> 165 <term><command>iptables-save</command></term> 166 <listitem><para>is used to dump the contents of an <acronym>IP</acronym> Table 167 in easily parseable format to <acronym>STDOUT</acronym>. Use I/O-redirection 168 provided by your shell to write to a file.</para> 169 <indexterm zone="iptables iptables-save"> 170 <primary sortas="b-iptables-save">iptables-save</primary> 171 </indexterm> 172 </listitem> 164 173 </varlistentry> 165 174 166 175 <varlistentry id="ip6tables"> 167 <term><command>ip6tables</command></term> 168 <listitem><para>is used to set up, maintain, and inspect the tables of 169 <acronym>IP</acronym>v6 packet filter rules in the Linux kernel. Several 170 different tables may be defined. Each table contains a number of built-in 171 chains and may also contain user-defined chains.</para> 172 <indexterm zone="iptables ip6tables"> 173 <primary sortas="b-ip6tables">ip6tables</primary> 174 </indexterm></listitem> 176 <term><command>ip6tables</command></term> 177 <listitem><para>is used to set up, maintain, and inspect the tables of 178 <acronym>IP</acronym>v6 packet filter rules in the Linux kernel. Several 179 different tables may be defined. Each table contains a number of built-in 180 chains and may also contain user-defined chains.</para> 181 <indexterm zone="iptables ip6tables"> 182 <primary sortas="b-ip6tables">ip6tables</primary> 183 </indexterm> 184 </listitem> 175 185 </varlistentry> 176 186 177 187 <varlistentry id="libip-iptables"> 178 <term><filename class='libraryfile'>libip*.so</filename></term> 179 <listitem><para>library modules are various modules (implemented as dynamic 180 libraries) which extend the core functionality of 181 <command>iptables</command>.</para> 182 <indexterm zone="iptables libip-iptables"> 183 <primary sortas="c-libip-iptables">libip*.so</primary> 184 </indexterm></listitem> 185 </varlistentry> 188 <term><filename class='libraryfile'>libip*.so</filename></term> 189 <listitem><para>library modules are various modules (implemented as dynamic 190 libraries) which extend the core functionality of 191 <command>iptables</command>.</para> 192 <indexterm zone="iptables libip-iptables"> 193 <primary sortas="c-libip-iptables">libip*.so</primary> 194 </indexterm> 195 </listitem> 196 </varlistentry> 197 186 198 </variablelist> 187 188 </sect2> 189 199 </sect2> 190 200 </sect1>
Note:
See TracChangeset
for help on using the changeset viewer.