On Wednesday 14 November 2001 02:43 pm, you wrote: > iptables is implemented in 7.2 but ipchains is what is turned on by > default. Why? Because ipchains has been around longer than iptables. Those upgrading from RedHat versions with 2.2 kernels may just want to continue using their ipchains config. Perhaps RedHat didn't get around to changing their ipchains stuff to iptables. ipchains is also more complete than iptables. iptables lacks features like irc/ftp/h323 connection tracking in the kernel. (Gotta patch your kernel for those.) But iptables is cool. There shouldn't be anything stopping you from using it. Just rmmod ipchains and iptables should be good to go. (IIRC, you need iptables compiled in or the iptables module has to be loaded to use ipchains in 2.4, and ipchains is only avail as a module. Once ipchains module is loaded, iptables doesn't work.) -- Andrew S. Zbikowski | http://www.ringworld.org/~zibby Bender: You just think that robots are machines built by humans to make their lifes easier. Fry: Well, aren't they? Bender: I've never made anyone's life easier and you know it!