Introduction to Linux 2.4.0 Netfilter

This article is the first of a seven-part series and sets the stage for an understanding of the new Linux 2.4.0 Netfilter firewall software. Netfilter replaces the Linux 2.2.0 ipchains software and the Linux 2.0.0 ipfwadm software.

For those of you who've been lucky enough to live under a rock for the past few months, let me give you the bad news: you have new firewall/masquerading software, and you'll have to learn how to write rules for it. The good news is that the rules are fairly close to the ipchains rules. The authors also graciously included modules that provide backward compatibility while you're fumbling around in the dark. You say you don't want to upgrade? You might want to reconsider. IPv6 may be closer than you think: the IPv4 address space is nearly exhausted, and more people are "discovering" the Internet every day. Netfilter supports IPv6.

