I have a box that is used as a router/firewall/Dial-in server/Name server/mail server/just about everything kind of box. It's part of an old installation that I've been meaning to scrap and redo properly with a PIX and a good router...etc., but the client's tight fisted attitude and complete refusal for ANY scheduled downtime, has caused it to remained the same for many years (used to be on a 56k leased... then ISDN for years, now it's on DSL).

So, I've been tossing around the idea of going up to a 2.4.x kernel and the all the resulting upgrades that will have to be done. The main issue I am grinding my teeth over is the change from the ipchains "firewall" I've been using, to a iptables based one.

Are there any documents/howtos on this specific situation? I am hoping to avoid sitting down with the IPTables Howto and doing a step by step translation of the scripts I use now.

As you might be able to tell, I'm not well versed in using "native" Linux tools for firewall use (aside from using it for a box to run FW-1 or some of NFR's tools on).

So... should I shut up and start in on the iptables howto, etc. or are there some "shortcuts" or even some folks out here who have faced this dragon down and slain it? Any pointers will be most appreciated.

-Brian

There are some pointers on these forums to iptables tricks and hacks, so you might want to do a search for iptables here, and of course a famous howto from LDP http://tldp.org/cgi-bin/ldpsrch.cgi