Seems I never have any luck with ipchains or tables when compiling my kernels (2.4.17 latest)

which should i compile and how should i compile it so cpanel doesnt cry?

as built in or as a module?

and which one should i use? I been compiling iptables as built in with the following

<*> IP tables support
<*> limit match support
<*> netfilter MARK match support
<*> Multiple port match suppor
<*> TOS match support
<*> Packet filtering
<*> REJECT target support

When i run ipchains manually i get this

sandy [~]# ipchains -A input -s 123.123.123.0/24 -d 0/0 80 -p tcp -j REJECT
ipchains: Protocol not available

You need to decide which one you want to use. If you want to use ipchains, then you need to disable iptables, and enable ipchains in the kernel. Otherwise, use iptables commands not ipchains.

-Dan

yah thats what i figured

which is better iptables or chains? :)

It really depends on the complexity of your firewall. iptables is much more robust, but it is also fairly new. ipchains has been around for years now, and obviously some people still prefer it, because it just got put back into the 2.4.x kernel not too far back. Another thing to note is if you plan on using any firewall building tool, most of them are written against ipchains.

-Dan

Try

modprobe ipchains