[Gllug] Opinions on Smoothwall and other firewalls
Simon Stewart
sms at lateral.net
Thu Oct 11 15:30:48 UTC 2001
On Thu, Oct 11, 2001 at 04:12:22PM +0100, gllug at codex.net wrote:
> On Tue, 9 Oct 2001, Simon Stewart wrote:
>
> > Perhaps setting the BSD box to do transparent filtering? Very funky,
> > and a devil to try and crack. No pun intended.
>
> do you have any links detailiing how to easily achieve this?
There's some information in the IPFilter HOWTO. There's a mirror at:
http://www.obfuscation.org/ipf/ipf-howto.html#TOC_49
and there's the "Invisible Firewall HOWTO" at
http://www.openlysecure.org/openbsd/how-to/invisible_firewall.html
which you might find useful. FWIW, it appears as if the next version
of OpenBSD will come complete with YAFT[1] called "Packet Filter" (or
pf) because of a disagreement about the license of IPFilter.
When I get a working system with enough disk space, I might well have
a fiddle with IPFilter, PF and IPTables and see how they compare (in
terms of ease of setup, at least --- I doubt I'll ever be in a
position to find out about bandwidth limitations caused by the various
firewalling programs, though it might be interesting to see which is
fastest[2])
Cheers,
Simon
[1] Yet Another Firewalling Tool
[2] Clearly reliability is more important than speed with a firewall,
though ;)
--
`> You never need to use # for anything, either?
Not to date, but # would suffice if I did.'
-- Stig Brautaset espouses uniquely effective ways
of protecting HTML from #-stripping preprocessors
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list