Ipchains
User-space portion of Linux kernel packet filtering system
title: "Ipchains" type: doc version: 1 created: 2026-02-28 author: "Wikipedia contributors" status: active scope: public tags: ["discontinued-software", "firewall-software", "free-network-related-software", "free-security-software", "free-software-programmed-in-c", "linux-kernel-features", "linux-security-software", "software-using-the-gnu-general-public-license"] description: "User-space portion of Linux kernel packet filtering system" topic_path: "technology/operating-systems" source: "https://en.wikipedia.org/wiki/Ipchains" license: "CC BY-SA 4.0" wikipedia_page_id: 0 wikipedia_revision_id: 0
::summary User-space portion of Linux kernel packet filtering system ::
::data[format=table title="Infobox software"]
| Field | Value |
|---|---|
| name | ipchains |
| developer | Rusty Russell |
| released | pre- |
| latest release version | 1.3.10 |
| latest release date | |
| latest preview date | |
| programming language | C |
| operating system | Linux |
| platform | Linux kernel |
| discontinued | yes |
| replaces | ipfirewall |
| replaced_by | iptables |
| genre | Packet filter management |
| license | GPL |
| website | |
| :: |
|name = ipchains |logo = |collapsible = |author = |developer = Rusty Russell |released = pre- |latest release version = 1.3.10 |latest release date = |latest preview version = |latest preview date = |programming language = C |operating system = Linux |platform = Linux kernel |size = |language = |discontinued = yes |replaces = ipfirewall |replaced_by = iptables |genre = Packet filter management |license = GPL |website =
Linux IP Firewalling Chains, normally called ipchains, is free software to control the packet filter or firewall capabilities in the 2.2 series of Linux kernels. It superseded ipfirewall (managed by ipfwadm command), but was replaced by iptables in the 2.4 series. Unlike iptables, ipchains is stateless.
History
It is a rewrite of Linux's previous IPv4 firewall, ipfirewall. This newer ipchains was required to manage the packet filter in Linux kernels starting with version 2.1.102 (which was a 2.2 development release). Patches are also available to add ipchains to 2.0 and earlier 2.1 series kernels. Improvements include larger maxima for packet counting, filtering for fragmented packets and a wider range of protocols, and the ability to match packets based on the inverse of a rule.
The ipchains suite also included some shell scripts for easier maintenance and to emulate the behavior of the old ipfwadm command.
The ipchains software was superseded by the iptables system in Linux kernel 2.4 and above, which was in turn superseded by the nftables system in 2014.
References
References
- Russell, Rusty. (2000-07-04). "Linux IPCHAINS-HOWTO".
- (2009-02-06). "netfilter/iptables project homepage".
::callout[type=info title="Wikipedia Source"] This article was imported from Wikipedia and is available under the Creative Commons Attribution-ShareAlike 4.0 License. Content has been adapted to SurfDoc format. Original contributors can be found on the article history page. ::