Solved

linux os / ipchain queries

Posted on 2001-06-08
3
399 Views
Last Modified: 2010-05-18
Hi

I'm about to implement a Checkpt fw but due to Checkpt license constraints, would
like to explore my options further. I'm new to linux and am wondering if I can use it
for my sun ultra10 server's os and ipchain to be my firewall. Have a few queries
which I hope linux folks out there can help me with:

1. Can linux run on sparc (ultra10)?
2. Can ipchain run on sparc (ultra10) as well?
3. Can linux/ipchain support more than 2 network cards?
4. Can ipchain do NAT (many-to-one xlation, one-to-one xlation)?
5. Can I group network objects in ipchain (just like Checkpt)?
6. It's free (as I understand rite)?
7. If you have any other information that you think is useful ;)

Hope you dun mind clearing my doubts. Hope to be able to implement my fw
solution using ipchain. Thanks in advance.

Rusti
(kytam@singnet.com.sg)


0
Comment
Question by:rusti
3 Comments
 
LVL 3

Assisted Solution

by:superschlonz
superschlonz earned 25 total points
ID: 6174942
1: I lnow tha linux runs on SUN machines (I hav some) and that it also runs on
ultras and im not 100% sure if it runs on an ultra10 but I never read about a
problem running Linux on an ultra 10. So you chance that it runs is very good.
perhaps you should ask the sparclinux mailing list sparclinux@cger.kernel.org

2: If you get it running so ipchains will also do (except with very old kernels
version < 2.2.0 I think).

3: Yes.

4: Im not sure, I never used NAT before kernel 2.4.0 except masquerading.

6: Yes.

7: I use Kernel 2.4.4 at the moment. It supports SNAT and DNAT and many
other features like connection tracking.
But you have to use another tool for configuring it: iptables (http://netfilter.filewatcher.org/
 there you find also some HOWTO's).
0
 
LVL 5

Accepted Solution

by:
BlackDiamond earned 25 total points
ID: 6175709
rusti,
superschlonz is correct, but I'll try to fill in some more details for you. (if you find these comments useful, please give super the points).

1: There are many distributions of Linux that have full support for sparc and ultrasparc platforms.  A couple include Debian and Suse.  Redhat stopped support after their 6.2 release, and they have no intention (as far as I know) of doing any future releases for the sparc platforms.  For this type of application, I would consider a unix platform (such as Free-BSD ) as well.

2: Yep, it is included with all newer distributions.

3: Definitely

4: Yes

5: Not really.  The management features are quite different between ipchains and Checkpoint.  Ipchains, unlike Checkpoint, is not a state based firewall.  If you require the features of a state based firewall, then you should investigate iptables instead.  Iptables is also available on most newer Linux distributions using the 2.4 kernel.  More info and the source is available at http://my.netfilter.se/ ..

6: Yes.  Before using free software, you should become familiar with open-source licensing.  The 2 most commonly used licenses are the GPL and the BSD license.  You can get information on these at http://www.gnu.org and http://www.bsd.org respectively .  It is always free to use software released under either license, but there are different stipulations if you modify the software and use it for commercial use.  Good to know the stuff regardless.
0
 
LVL 5

Expert Comment

by:zenlion420
ID: 9706084
Hey people,

No comment has been added in roughly 2 years, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts split between BlackDiamond and superschlonz.
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Zenlion420
EE Page Editor
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question