Solved

linux os / ipchain queries

Posted on 2001-06-08
3
396 Views
Last Modified: 2010-05-18
Hi

I'm about to implement a Checkpt fw but due to Checkpt license constraints, would
like to explore my options further. I'm new to linux and am wondering if I can use it
for my sun ultra10 server's os and ipchain to be my firewall. Have a few queries
which I hope linux folks out there can help me with:

1. Can linux run on sparc (ultra10)?
2. Can ipchain run on sparc (ultra10) as well?
3. Can linux/ipchain support more than 2 network cards?
4. Can ipchain do NAT (many-to-one xlation, one-to-one xlation)?
5. Can I group network objects in ipchain (just like Checkpt)?
6. It's free (as I understand rite)?
7. If you have any other information that you think is useful ;)

Hope you dun mind clearing my doubts. Hope to be able to implement my fw
solution using ipchain. Thanks in advance.

Rusti
(kytam@singnet.com.sg)


0
Comment
Question by:rusti
3 Comments
 
LVL 3

Assisted Solution

by:superschlonz
superschlonz earned 25 total points
ID: 6174942
1: I lnow tha linux runs on SUN machines (I hav some) and that it also runs on
ultras and im not 100% sure if it runs on an ultra10 but I never read about a
problem running Linux on an ultra 10. So you chance that it runs is very good.
perhaps you should ask the sparclinux mailing list sparclinux@cger.kernel.org

2: If you get it running so ipchains will also do (except with very old kernels
version < 2.2.0 I think).

3: Yes.

4: Im not sure, I never used NAT before kernel 2.4.0 except masquerading.

6: Yes.

7: I use Kernel 2.4.4 at the moment. It supports SNAT and DNAT and many
other features like connection tracking.
But you have to use another tool for configuring it: iptables (http://netfilter.filewatcher.org/
 there you find also some HOWTO's).
0
 
LVL 5

Accepted Solution

by:
BlackDiamond earned 25 total points
ID: 6175709
rusti,
superschlonz is correct, but I'll try to fill in some more details for you. (if you find these comments useful, please give super the points).

1: There are many distributions of Linux that have full support for sparc and ultrasparc platforms.  A couple include Debian and Suse.  Redhat stopped support after their 6.2 release, and they have no intention (as far as I know) of doing any future releases for the sparc platforms.  For this type of application, I would consider a unix platform (such as Free-BSD ) as well.

2: Yep, it is included with all newer distributions.

3: Definitely

4: Yes

5: Not really.  The management features are quite different between ipchains and Checkpoint.  Ipchains, unlike Checkpoint, is not a state based firewall.  If you require the features of a state based firewall, then you should investigate iptables instead.  Iptables is also available on most newer Linux distributions using the 2.4 kernel.  More info and the source is available at http://my.netfilter.se/ ..

6: Yes.  Before using free software, you should become familiar with open-source licensing.  The 2 most commonly used licenses are the GPL and the BSD license.  You can get information on these at http://www.gnu.org and http://www.bsd.org respectively .  It is always free to use software released under either license, but there are different stipulations if you modify the software and use it for commercial use.  Good to know the stuff regardless.
0
 
LVL 5

Expert Comment

by:zenlion420
ID: 9706084
Hey people,

No comment has been added in roughly 2 years, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts split between BlackDiamond and superschlonz.
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Zenlion420
EE Page Editor
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now