The module now output iptable commands instead of ipchains
on kernel 2.4. No new capabilities were added to the module
beside that. Firewalls built using Linuxconf and ipchains should
work as before using iptables. There is one big difference though.
iptables uses the INPUT, FORWARD and OUTPUT chains very differently.
This may affect some router configuration for sure. Please review.
- ipchains always uses all the chains for any packet, except when
the packet originate from the machine.
- iptables uses the FORWARD chain only for packet going through
the machine. It uses the INPUT chains for packet targeted at the
machine and it uses the OUTPUT chains for packet sent by
the machine (not forwarded).
Now, if you do not have time to review this, there is a check-box in the
feature section of the "firewall defaults" dialog. It is called "Use IP
chains even on kernel 2.4"