6 Ekim 2025 Pazartesi

ipfwadm - Eski Firewall Kullanmayın

Giriş
Açıklaması şöyle. Yani ipfwadm ve ipchains eski şeyler
Initially, Linux introduced a tool called ipfwadm into the kernel to support a firewall. But it had significant limitations 

- Only basic packet filtering capabilities
- No support for stateful inspection; if outbound traffic was allowed, there was no automatic way to allow the related inbound response. For example, if you pinged, you wouldn't automatically receive the reply unless you manually configured it.

Things got a little better somewhat with the introduction of ipchains. It offered certain advantages over ipfwadm, such as 

- More flexible rule matching 
- Basic support for connection tracking.

However, it still fell short. The connection tracking wasn't fully stateful, there was no support for IPv6, and the design wasn't scalable — meaning rule sets became slower and harder to manage as they grew.