Re: OpenBSD - FreeBSD Firewalls

From: Hroi Sigurdsson (none@hroi--asdf.dk.lh.bsd-dk.dk)
Date: Thu 11 Jan 2001 - 05:19:20 CET

Next message: Hroi Sigurdsson: "Re: Hardware understøttelse"
Previous message: Laust S. Jespersen: "RE: Lang tid før ssh får forbindelse"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

Date: Thu, 11 Jan 2001 05:19:20 +0100
From: Hroi Sigurdsson <none@hroi--asdf.dk.lh.bsd-dk.dk>
To: bsd-dk@bsd-dk.dk
Subject: Re: OpenBSD - FreeBSD Firewalls

"Brian A. Knudsen" wrote:

> Rygtet vil vide at man kan sætte en *BSD firewall op med statefull
> inspection, men hvor fanden gør man det ? Jeg har ledt i en dags tid, og kan
> absolut ikke finde noget ..

Se også manualsiden for ipfw.

Fra FreeBSD:

  If the ruleset includes one or more rules with the keep-state option,
  then ipfw assumes a stateful behaviour, i.e. upon a match will create
dy-
  namic rules matching the exact parameters (addresses and ports) of the
  matching packet.

  These dynamic rules, which have a limited lifetime, are checked at the
  first occurrence of a check-state or keep-state rule, and are
typically
  used to open the firewall on-demand to legitimate traffic only. See
the
  RULE FORMAT and EXAMPLES sections below for more information on the
  stateful behaviour of ipfw.

-- 
Hroi Sigurdsson

Next message: Hroi Sigurdsson: "Re: Hardware understøttelse"
Previous message: Laust S. Jespersen: "RE: Lang tid før ssh får forbindelse"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b30 : Wed 15 Nov 2006 - 18:24:04 CET