This is the Linux IPCHAINS-HOWTO. You should read the Linux NET-3-HOWTO as well. The IP-Masquerading HOWTO, the PPP-HOWTO and the Ethernet-HOWTO might make interesting reading. (Then again, so might the alt.fan.bigfoot FAQ).
If packet filtering is passe to you, read Section Why?, Section How?, and scan through the titles in Section IP Firewalling Chains.
If you are converting from ipfwadm, read Section
Introduction, Section
How?, and
Appendices in section
Differences between ipchains and ipfwadm and section
Using the `ipfwadm-wrapper' script.
Linux ipchains is a rewrite of the Linux IPv4 firewalling code
(which was mainly stolen from BSD) and a rewrite of ipfwadm,
which was a rewrite of BSD's ipfw, I believe. It is required to
administer the IP packet filters in Linux kernel versions 2.1.102 and
above.
The older Linux firewalling code doesn't deal with fragments, has 32-bit counters (on Intel at least), doesn't allow specification of protocols other than TCP, UDP or ICMP, can't make large changes atomically, can't specify inverse rules, has some quirks, and can be tough to manage (making it prone to user error).
Currently the code is in the mainstream kernel from 2.1.102. For the 2.0 kernel series, you will need to download a kernel patch from the web page. If your 2.0 kernel is more recent than the supplied patch, the older patch should be OK; this part of the 2.0 kernels is fairly stable (eg. the 2.0.34 kernel patch works just fine on the 2.0.35 kernel).
The official page is The Linux IP Firewall Chains Page
There is a mailing list for bug reports, discussion, development and usage. Join the mailing list by sending a message containing the word ``subscribe'' to ipchains-request at wantree.com.au. To mail to the list use `ipchains' instead of `ipchains-request'.