Re: Packet flow through IPFW+IPF+IPNAT ?
From: Brett Glass (brett_at_lariat.org)
Date: 06/01/03
- Next in thread: Matthew George: "Re: Packet flow through IPFW+IPF+IPNAT ?"
- Maybe reply: Matthew George: "Re: Packet flow through IPFW+IPF+IPNAT ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 31 May 2003 22:04:24 -0600 (MDT) To: duke@irpen.kiev.ua, freebsd-security@freebsd.org
I don't use IPFW and IPFilter together, but IIRC IPFilter steps between
everything else (except for bpf) and the interface. Same for IPNAT, which
integrates with IPFilter.
Since the advent of pf and altq, OpenBSD has had a better firewall
architecture than any of the other BSDs, IMHO. pf can do things which are
awkward in other systems because features were kludged in later.
I've always thought that it would be cool to be able to integrate firewall
components into FreeBSD via its unique NetGraph system. This would let you
filter specific flows of packets very efficiently.
--Brett
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Next in thread: Matthew George: "Re: Packet flow through IPFW+IPF+IPNAT ?"
- Maybe reply: Matthew George: "Re: Packet flow through IPFW+IPF+IPNAT ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
