- Not ready for production
- netfilter and iptables are still in developpement
- so is linux 2.4
- New and complicated syntax
- Does not apply good old habits:
- application filtering : tcpwrapper
- kernel functionnality : rp_filter
- Unique options : filtering depending on the user, group, process or session
- Will soon reach numerous professional offers
- filtering state is not perfect ... but often good enough.
- numerous proxy exist for ipchains and will be ported to netfilter
® © Hervé Schauer Consultants 2000 -
4 bis, rue de la gare -
92300 Levallois-Perret
Phone : +33 141 409 700 -
Fax : +33 141 409 709 -
Email : <secretariat@hsc.fr>
Netfilter
