Bug 40429
Summary: | ipchains says "Incompatible with this kernel" if no /etc/sysconfig/ipchains exists | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Daniel G. Link <daniel_link> |
Component: | ipchains | Assignee: | Mike A. Harris <mharris> |
Status: | CLOSED NOTABUG | QA Contact: | David Lawrence <dkl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.1 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i586 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2001-05-13 20:47:40 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Daniel G. Link
2001-05-13 20:47:36 UTC
This is not a bug. The 2.4.x kernel has a totally brand new firewall interface called "netfilter". When used in its native mode, netfilter is configured using the "iptables" command. netfilter also has backward compatibility modules however so that you can use an ipchains or ipfwadm based firewall script with the new netfilter without worrying about having to completely rewrite all of your existing firewall code. In order to maintain backward compatibility with our previous releases, we decided to continue using ipchains as the supported firewall interface. All of our distribution supplied tools use the netfilter ipchains interface. Our startup scripts for ipchains firewalling load the iptables "ipchains" personality module when the firewall is enabled. If you disable our supplied firewall script, then the module does not get loaded. If you want to use an alternative ipchains based firewall script, you will have to manually load the ipchains personality module yourself from your own scripts, or even better - avoid ipchains, and use iptables natively. Hope this helps. |