On Sat, 17 Oct 1998, Steve Lamb wrote: > Just a warning to anyone who is considering using the 2.1.x series since > 2.2 is rumoured (I stress that word highly) to be out soon. If you use > IP-Masqing it appears that the 2.1.x kernels break ipfwadm. With a broken > ipfwadm it isn't possible to add/remove IP-Masqing rules like "normal." > There may have been another way, but I did this on my production machine > (silly, I know) and just simply reverted back to my 2.0.x series kernel. It's not so much that ipfwadm breaks with 2.1.102+ kernels as that the network firewall ing code (which was orrigionally 'borrowed' from BSD) has been completely re-written. This means that you will need to use the ipchains package (not yet debianised) to do firewalling/masq'ing. For those interested, and remember that when we go 2.2.0 you'll have no choice, the ipchains homepage is at http://www.adelaide.net.au/~rustcorp/ipfwchains/ipfwchains.html
Nikolai