RCF doesn't support iptables yet. Not to worry, ipchains will be supported for quite some time in the 2.4 kernels. (Refer to netfilter.filewatcher.org/unreliable-guides/packet-filtering-HOWTO/index.html) RCF will be ported to iptables eventually, but since defining a firewall with iptables is a far more complex matter than with ipchains, don't expect a reliable version (of any firewall for that matter) to come out soon. To use RCF with a 2.4 kernel you need to compile support for ipchains.

That new ATAPI mode is enabled by default in X-CD-Roast on linux. It requires a kernel 2.4.x and is able to access ATAPI devices directly through the IDE driver, without the help of SCSI emulation. However, that mode is still experimental and causes some problems. Using a CD writer in that mode is not recommended - please use always SCSI emulation here. The ATAPI mode on a device can cause great delays in all X-CD-Roast operations, because communication with it takes much more time.

RCF has a test mode. Because the normal comments are piped to standard output, and the commands are piped to standard error, the output is best viewed when RCF is invoked as follows:

Iptables can either be compiled into the kernel or as a modules, it does not really matter. If some of the modules are missing, then respective feature won't work and you will get an error trying to load generates script. For example, if you compile everything into the kernel and leave ipt_LOG module out, then logging will stop working and you will get errors trying to load rules with logging turned on.

You can't. Private traffic is just what it says it is: private. It must not be allowed on the public Internet, since there's no way a packet sent to a private IP will ever arrive. It just pollutes the net. You should buy yourself a second ethernet card.

This is due to the fact that you forgot to enable support for a part of the particular protocol you experience problems with. This is similar to the previous question.

Yes but right now only on the host (rootserver). Please realize that all traffic is local and will not touch the forward chain. capabilities are not enabled in kernel-setup please check that CONFIG_SECURITY_CAPABILITIES is loaded or included in the kernel. ( check with "cat /path_to_kernel/.config

Rebuilding the IA64 kernel is only advised if you're using Redhat kernels, particularly RedHat Enterprise, which seems to lag in terms of bug support for the perfmon subsystem. We highly advise you to: Download a stock 2.4 kernel 2) Apply the IA64 specific patches from http://www.kernel.org/pub/linux/kernel/ports/ia64/v2.4 . Latest info about the 2.4 perfmon support can be found at: http://www.hpl.hp.com/research/linux/perfmon/download.

In this example you would allow all the traffic that you want on your network then limit anything that does not match to a max of 25 connections in effect limiting PtP and anything unknown traffic :

Answer: Use the shorewall[-lite] show capabilities command at a root prompt.gateway:~# shorewall show capabilities Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules..

Yes, they are in the mistwall firewall package available here: http://www.timedoctor.org/files/mistwall.tar.bz2

For more info, or manual install, please refer to the installation notes. RedHat (RPM) rpm -U rcf-noarch-[version].rpm If you changed one or more of the security levels, you'll need to run RCF with the --update-config parameter, some items will appear, others disappear.

This will log all output on level user.info. Make sure you have a rule in /etc/syslog.conf to do something with that level. (On my system it will by default be logged to /var/log/messages). If your not comfortable with that level, use the '-p' flag to specify the desired level. If you use SysV startup scripts (e.g. /etc/rc.d/rc3.d/S12firewall) screen output is logged automatically when you change runlevels.

Join the 'developers' mailing list, and contribute your additions there or consider becoming an official RCF developer.

quot;iptables" commands can be entered into "advanced firewall and port forwarding" as and will be passed though to the firewall scripts, examples:

Fractionated palm kernel oil was used to eliminate any trans fatty acids in the bars. The palm kernel oil in the bars is found primarily in the coatings. To have a coating be "solid" at room temperature, the fat must be either hydrogenated (which contains trans fat) or fractionated (which is higher in saturated fat). Chocolate which neither hydrogenated or fractionated is liquid at room temperature, much like oil compared to margarine.

Please consult the document How to solve problems with QuickAddress API integrations for more information.

System libraries (such as glibc, libreadline, libproplist, whatever) that are typically available to userspace programmers are unavailable to kernel programmers. When a process is being loaded the loader will automatically load any dependent libraries into the address space of the process.

You can use almost all kernel sources available in Portage. We recommend using gentoo-sources because it is a special kernel designed for Gentoo Linux. It contains lots of AMD64-specific patches and therefore is the only kernel officially supported by Gentoo/AMD64. You can try vanilla-sources as well. If you feel brave or you need extra hardware support, you can always try the experimental kernel from Andrew Morton called mm-sources.

Some versions of the Linux kernel do better with USB devices -- PalmOS devices in particular -- than others. 2.6.15 has been reported to cause difficulties in Kubuntu, while 2.6.17 is just fine.

KPilot is developed on FreeBSD 6-STABLE on an amd64, most of the time. So use 6-STABLE, that is easiest. You will need the following settings: devfs rules to allow you to read and write to the device for the handheld. The following works for me in /etc/devfs.rules: [localrules=10] add path 'ttyU*' mode 0660 group operator usbd rules to set up the link from /dev/pilot to the device created when the HotSync starts (optional). See the FAQ entry above for details.

Almost. Sometimes for some platforms. Although we merge between the PA-RISC Linux repository and Linus' tree regularly, there is always a certain amount of separation between the two. In particular, recent bug fixes and newer platform support. Read the PA-RISC GIT howto to pull a source tree and then run: git diff refs/tags/v2.6.18-rc7..HEAD (substitute preferred tag for "v2.6.18-rc7") to get the current diff.

A recent 2.4 or 2.6 kernel should be fine - pre 2.4.9 are not supported. This requirement is mainly based on the version of the block replication device used, DRBD, but also impacts the networking code as well.

gentoo-sources and vanilla-sources are both supported. You should read the Gentoo Kernel Guide to determine which one is right for your needs.

What is RCF (rc.firewall)? RCF (AKA rc.firewall) is an ipchains-based firewall with support for over 50 network services (including vtun, DHCP, NFS, SMB, napster, proxies, online games, etc.), masquerading, port forwarding, and IP accounting. All services are self-contained modules which can be prioritized easily in the ipchains stack. Protections include spoofing, stuffed routing/masqerading, DoS, smurf attacks, outgoing port scans, and many more.

The latest stable version will be available at the homepage and at Freshmeat. If you feel the need to have the latest version, for development, or because you need the state-of-the-art, you can download the development version at: http://rcf.mvlan.net/dist/dev/

You should first do an uninstall of rc.firewall before installing RCF. To prevent the loss of your config file, use the following commands: cp /etc/firewall.conf /etc/firewall.conf.old ; rpm -e rc.firewall ; cp /etc/firewall.conf.old /etc/firewall.conf ; rpm -i rcf-[version].noarch.rpm