Classnotes | UNIX03 | RecentChanges | Preferences Showing revision 1 Linux kernels have had packet filtering since the 1.1 series. In late 1994, kernel hacker Alan Cox ported the firewalling funtionality of ipfw from BSD into Linux. There has been much debate as to the legallity of this (as, in doing so, he took code copyrighted under the FreeBSD license and re-copyrighted it under the GPL) but there was never any pursuing of this question and the code was replaced soon enough.
In mid-1998, Rusty Russell set about reworking much of the networking under the Linux kernel in the 2.1 development series and introduced the userspace tool ipchains.
The first generation, based on ipfw from BSD, was ported by Alan Cox in late 1994. This was enhanced by Jos Vos and others for Linux 2.0; the userspace tool `ipfwadm' controlled the kernel filtering rules. In mid-1998, for Linux 2.2, Rusty Russell reworked the kernel quite heavily, with the help of Michael Neuling, and introduced the userspace tool `ipchains'. Finally, the fourth-generation tool, `iptables', and another kernel rewrite occurred in mid-1999 for Linux 2.4.
