Joseph Mack wrote:
>
> QUESTION: what would you recommend for me?
> kernel 2.2.19 or 2.4.x, for this particular combination of LV-NAT and
> firewall in the same box?
If you have an SMP director then you must have 2.4 for the SMP kernel code.
If you don't have SMP, then you can choose whatever you like. However
2.2.x will eventually go away and you'll be forced to 2.4. In that case
you'll have to write ipchains rules now and then write iptables rules
when you change over. You may as well bight the bullet now and go to 2.4
now.
I've looked at the automatic firewall generating tools with ipchains.
These tools are hard to write and what you get will probably not do a good
job. I'd look at them to get the idea of what you should do and then you'll
have to go figure it out yourself.
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|