what is the need of compiling the iptables in linux kernel

18 years 10 months ago #12409 by iamprabhu100
Hi,

Can anyone give me an idea of why we need to compile iptables in the Linux kernel?

make KERNEL_DIR=/usr/src/linux-2.4.25
make install KERNEL_DIR=/usr/src/linux-2.4.25


What is the work of it?


regards
Prabhakaran.D
18 years 10 months ago #12425 by sahirh
Technically you don't compile iptables into the kernel. You compile the Netfilter packet filtering modules into the kernel, and iptables is an interface to those modules.

The reason you have to do this is that packet filtering is a low-level job that has to be done in kernel mode before the packets are passed up to any application. You should think of Netfilter as something similar to a device driver in the Windows world: it talks more or less directly to the hardware and gives you an interface to control it.

I hope that clears it up.

Cheers,

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
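
Added example, not part of the original thread or of any poster's reply: a shell check that reads a kernel `.config` and reports whether the Netfilter pieces that the `iptables` command drives are built in, built as modules, or missing. The function names `nf_state` and `nf_report` are hypothetical, the sample config is constructed, and the option names are the 2.4-era Netfilter configuration symbols.

```shell
#!/bin/sh
# Added example: how is Netfilter configured in a given kernel .config?

# nf_state FILE OPTION -> prints builtin | module | absent
nf_state() {
    cfg=$1 opt=$2
    # A .config line is "CONFIG_X=y", "CONFIG_X=m" or "# CONFIG_X is not set".
    val=$(sed -n "s/^${opt}=\([ym]\)\$/\1/p" "$cfg" | head -n 1)
    case $val in
        y) echo builtin ;;
        m) echo module ;;
        *) echo absent ;;
    esac
}

# nf_report FILE -> one line per option; non-zero status when the kernel
# side that iptables needs to talk to is missing entirely.
nf_report() {
    cfg=$1 rc=0
    for opt in CONFIG_NETFILTER CONFIG_IP_NF_IPTABLES CONFIG_IP_NF_FILTER \
               CONFIG_IP_NF_CONNTRACK CONFIG_IP_NF_NAT; do
        state=$(nf_state "$cfg" "$opt")
        printf '%-26s %s\n' "$opt" "$state"
        case $opt in
            CONFIG_NETFILTER|CONFIG_IP_NF_IPTABLES)
                # No hook framework or no table support: rules cannot be loaded.
                if [ "$state" = absent ]; then rc=1; fi ;;
        esac
    done
    return $rc
}

# Constructed sample config (illustrative, not from a real build).
sample=$(mktemp)
cat > "$sample" <<'EOF'
CONFIG_NETFILTER=y
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_FILTER=m
# CONFIG_IP_NF_NAT is not set
EOF
nf_report "$sample"
rm -f "$sample"
```

On a real tree, point it at the `.config` in the kernel source directory, for example `nf_report /usr/src/linux-2.4.25/.config`.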
18 years 10 months ago #12431 by iamprabhu100
Hi,

Thanks for giving me this knowledge. I am now in the beginner stage.


regards,
prabhakaran.D
18 years 10 months ago #12537 by n_arvind2000
I think this will help you better!

The newest 2.4.x kernels are now using both a completely new TCP/IP network stack as well as a new NAT sub-system called NetFilter.

Within this NetFilter suite of tools, we now have a tool called IPTABLES for the 2.4.x kernels much like there was IPCHAINS for the 2.2.x kernels and IPFWADM for the 2.0.x kernels.

The new IPTABLES system is far more powerful (combines several functions into one place like true NAT functionality), offers better security (stateful inspection), and better performance with the new 2.4.x TCP/IP stack.

Finally! This new suite of tools can be a bit complicated in comparison to older-generation kernels.