Michael J. Micek wrote: > > No, this script only works with iptables! I think the ipchains-deb includes > > a script with the same funtionality, but I am not sure! > > Sorry to prolong an essentially pointless discussion, but > > a) no, there's no init script in woody's ipchains > package
Hmm, I could have sworn there used to be, but I don't see it in woody's ipchains or netbase. Maybe it used to be in potato, dunno. > b) the firewall in question hasn't had netbase > upgraded, so the ipchains package per se isn't > installed yet > > c) although apt-get knows how to upgrade netbase (it > would install ipchains in the process), "dpkg -l > ipchains" or (my usual method) searching for > "^Package: ipchains" in /var/lib/dpkg/available > doesn't turn it up. > > How does apt know about ipchains when it's not listed in > /var/lib/dpkg/available? This kind of thing (apt being able > to install packages I couldn't see available) has been > bugging me for a while... Apt and dpkg keep different databases of the available packages. Apt's are in /var/lib/apt/lists, while dpkg's are in /var/lib/dpkg/available. Unlike dselect's update function, apt-get doesn't update dpkg's `available' database when you do "apt-get update". You can do it manually with dpkg's --*-avail commands if you like, or just use dselect's update function, but I usually don't bother. You can read about those commands in the dpkg manpage. HTH, Jason
