Hi rsavage! On Thu, 28 Feb 2002, [EMAIL PROTECTED] wrote: > Yeah - that's what I figured. Do you know (or anyone esle) know of a good > IPChains -to-> IPTables converter script? Something sombody might have > already tried? > If you want to avoid downtime why don't you just hand the ipchains rules to a security specialist who knowns both of them with sensitive informations removed (real ip to $EXTERNAL_IP and the like).
You can have a 2.4 kernel support both ipchains and iptables (but one at a time). Now you can try the translated rules w/ minimum downtime or you may set up a different box w/ same configuration. FWIW, iptables is much `smarter' than ipchains, just don't use irc helper module ;) [kidding based on some rumors] and is worth upgrading to. -- Teodor Cimpoesu Software Developer, GeCAD Software phone/fax: +40 1 321 78 03 http://www.gecadsoftware.com http://www.ravantivirus.com
