?
Solved

linux os / ipchain queries

Posted on 2001-06-08
3
Medium Priority
?
410 Views
Last Modified: 2010-05-18
Hi

I'm about to implement a Checkpt fw but due to Checkpt license constraints, would
like to explore my options further. I'm new to linux and am wondering if I can use it
for my sun ultra10 server's os and ipchain to be my firewall. Have a few queries
which I hope linux folks out there can help me with:

1. Can linux run on sparc (ultra10)?
2. Can ipchain run on sparc (ultra10) as well?
3. Can linux/ipchain support more than 2 network cards?
4. Can ipchain do NAT (many-to-one xlation, one-to-one xlation)?
5. Can I group network objects in ipchain (just like Checkpt)?
6. It's free (as I understand rite)?
7. If you have any other information that you think is useful ;)

Hope you dun mind clearing my doubts. Hope to be able to implement my fw
solution using ipchain. Thanks in advance.

Rusti
(kytam@singnet.com.sg)


0
Comment
Question by:rusti
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 3

Assisted Solution

by:superschlonz
superschlonz earned 100 total points
ID: 6174942
1: I lnow tha linux runs on SUN machines (I hav some) and that it also runs on
ultras and im not 100% sure if it runs on an ultra10 but I never read about a
problem running Linux on an ultra 10. So you chance that it runs is very good.
perhaps you should ask the sparclinux mailing list sparclinux@cger.kernel.org

2: If you get it running so ipchains will also do (except with very old kernels
version < 2.2.0 I think).

3: Yes.

4: Im not sure, I never used NAT before kernel 2.4.0 except masquerading.

6: Yes.

7: I use Kernel 2.4.4 at the moment. It supports SNAT and DNAT and many
other features like connection tracking.
But you have to use another tool for configuring it: iptables (http://netfilter.filewatcher.org/
 there you find also some HOWTO's).
0
 
LVL 5

Accepted Solution

by:
BlackDiamond earned 100 total points
ID: 6175709
rusti,
superschlonz is correct, but I'll try to fill in some more details for you. (if you find these comments useful, please give super the points).

1: There are many distributions of Linux that have full support for sparc and ultrasparc platforms.  A couple include Debian and Suse.  Redhat stopped support after their 6.2 release, and they have no intention (as far as I know) of doing any future releases for the sparc platforms.  For this type of application, I would consider a unix platform (such as Free-BSD ) as well.

2: Yep, it is included with all newer distributions.

3: Definitely

4: Yes

5: Not really.  The management features are quite different between ipchains and Checkpoint.  Ipchains, unlike Checkpoint, is not a state based firewall.  If you require the features of a state based firewall, then you should investigate iptables instead.  Iptables is also available on most newer Linux distributions using the 2.4 kernel.  More info and the source is available at http://my.netfilter.se/ ..

6: Yes.  Before using free software, you should become familiar with open-source licensing.  The 2 most commonly used licenses are the GPL and the BSD license.  You can get information on these at http://www.gnu.org and http://www.bsd.org respectively .  It is always free to use software released under either license, but there are different stipulations if you modify the software and use it for commercial use.  Good to know the stuff regardless.
0
 
LVL 5

Expert Comment

by:zenlion420
ID: 9706084
Hey people,

No comment has been added in roughly 2 years, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts split between BlackDiamond and superschlonz.
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Zenlion420
EE Page Editor
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identitfy safe.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question