Johnson,I've just recently gone through the exercise, so maybe I can share some of my experiences.
Originally, I had tried to install ipchains-1.3.9-17.i386.rpm, but was getting errors back from rpm that I could not install this package. I've noticed that there is an rpm patch now available on the cobalt support site, so possibly this issue has now been resolved.
I ended up going back to a RedHat 6.1 CD that I have, and grabbed ipchains-1.3.9-3.i386.rpm, and was able to install this just fine. All I needed in order to install ipchains was this rpm, I did not need iproute, iputils, or ipxutils. Just the ipchains rpm was needed. I can make ipchains-1.3.9-3.i386.rpm available to you if you can't find it any other route.
Also, ipchains will not directly affect portsentry. Obviously, if ipchains is set to deny or discard traffic on a port that portsentry is watching, ipchains will drop the packet before portsentry sees it, so portsentry will not alarm you on that port. If you have ipchains set to accept traffic on a port that portsentry is monitoring, ipchains will accept the packet and send it to the port, only to have portsentry intercept the traffic and take it's measures.
Hope this helps. Charlie At 04:13 PM 4/20/01 +0800, Johnson Lim wrote:
I'm trying to install ipchains in my Raq3. I had search the listings for the place to download the ipchains RPM but the URL listed seems dead or unaccessible. Unable to download from www.redhat.com as well. I managed to get an ipchains RPM from a RedHat Linux 7.0 CD(ipchains-1.3.9-17.i386.rpm). Can I install this version of ipchains into Cobalt? Cos I don't think Cobalt is using RedHat Linux 7. I also found iproute, iputils and ipxutils in the CD. Does these need to be installed as well? Will ipchains affect portsentry if I use default ACCEPT policy?