RH 7.0 Final. If you're using /etc/rc.d/init.d/ipchains, and upgrade to 2.4 kernel (e.g. the preview one), the script will start to complain loudly about the availability of proper firewalling in the kernel. If there is an easy way, the script should - Detect if 2.4 kernel is being used - (or, if easy) detect if proper firewalliing has been configured in
Newer versions of the script check to make sure that you've at least got 2.2 installed. Since the firewalling capabilities in 2.4 are implemented using iptables, we'll have to figure out how to best deal with the transition.
Well, it's not exactly graceful, but running 'ipchains -L -n' should always work without most of the side-effects (prints out ipchains: Incompatible with this kernel, for example).
I thought about this a little. iptables-save and -restore are broken right now, and they're not exactly very clean for transitioning. The easiest way is to enable ipchains.o module which emulates ipchains if init.d/ipchains is started. A patch attached.
Created attachment 3966 [details] kernel 2.4 compatibility for ipchains script
iptables-{save,restore} should work in iptables-1.2.0.
gt.at's fix is better. But notice that there's still save/restore issue to deal with, with regular iptables. *** This bug has been marked as a duplicate of 22612 ***