Re: [squid-users] iptables problem in transparent redirection

From: Simon White <[email protected]>
Date: Fri, 12 Apr 2002 08:59:32 +0000

11-Apr-02 at 18:37, Joe Cooper (joe@swelltech.com) wrote :
> I believe this is the error I was getting when testing ipchains under
> kernel 2.4. As far as I know ipchains has never been fixed in this
> regard--the answer to my query about the behavior was "yeah, connection
> tracking in ipchains is broken, use iptables".

ipchains on kernel 2.4 is actually just what could be described as an
"emulation" layer. That is, it is not the same as ipchains running under
the 2.2 kernel but a backwards-compatibility option. ipchains never did do
connection tracking AFAIK.

Iptables is much more flexible and I have very much appreciated the
transition from ipchains (where all chains are checked for all packets) to
iptables (where I finally fully understood quite why we had input, output
and forward chains)

Regards,

-- 
[Simon White. vim/mutt. simon@mtds.com. GIMPS:68.14% see www.mersenne.org]
It's amazing how some people can put their foot in their mouth with their
head so far up their ass.
[Linux user #170823 http://counter.li.org. Home cooked signature rotator.]
Received on Fri Apr 12 2002 - 06:02:18 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:32 MST