From: Haris Koutsouris <harisk@epmhs.gr>
To: netfilter-devel@lists.netfilter.org
Subject: netfilter vs iptables naming confusion
Date: Mon, 08 Dec 2003 13:17:48 +0200 [thread overview]
Message-ID: <3FD45DDC.9030901@epmhs.gr> (raw)
Dear All,
I am not a netfilter hacker but i need your insight, i hope you can help
me out.
I am a co-author of an upcoming book concerning Honeynets. In this book
we need to refer to the netfilter/iptables functionality and we try to
provide a 2 page introduction for the readers just to get them going.
One of the book reviewers felt we where missusing the term iptables and
we should use netfilter instead. Since i value the reviewer's view but i
also felt strong on my point i would be obliged if you can shed some
light on this problem. Well i really don't intened to confuse any of our
readers so i depend on you to make it clear.
Next follows my understanding on what netfilter and iptables are, Please
comment.
<my understanding>
Netfilter is a set of hooks in the networking code of the linux kernel
that allows another piece of code (kernel module) to register for
access to the packets that pass through these points. Several iptables
kernel modules (e.g ip_tables, iptable_mangle,ipt_conntrack, ipt_LOG)
implement
the firewalling functionality and in addition the user space utility
iptables is used as a user interface to the iptables functionality.
If I am correct, then the Netfilter code though its a great idea it
shouldn't be that big percentage of the firewalling code. Thus, i fill
that we can name the whole thing IPTables provided we add a footnote
stating the existance of Netfilter and provide enough references for
the user to explore the whole magic of netfilter/iptables.
</my understanding>
A final question are the kernel modules named iptables modules or
netfilter modules?????
A raw grep in the archives of the netfilter users mailing list revealed
the following:
grep "iptables modules" user-netfilter.mbox | wc -l
84 references
grep "netfilter modules" user-netfilter.mbox | wc -l
68 references
The same search on the developers list revealed:
"iptables modules" 37 references
"netfilter modules" 99 references
Thank you for your advice.
Yours
Haris Koutsouris
next reply other threads:[~2003-12-08 11:17 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-12-08 11:17 Haris Koutsouris [this message]
2003-12-08 12:09 ` netfilter vs iptables naming confusion Henrik Nordstrom
2003-12-08 15:28 ` Haris Koutsouris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3FD45DDC.9030901@epmhs.gr \
--to=harisk@epmhs.gr \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.