Date: Thu, 16 Aug 2001 09:58:53 -0700 From: "Crist J. Clark" <cristjc@earthlink.net> To: "Carroll, D. (Danny)" <Danny.Carroll@mail.ing.nl> Cc: freebsd-security@FreeBSD.ORG Subject: Re: IPFW and dynamic rules. Message-ID: <20010816095853.D4232@blossom.cjclark.org> In-Reply-To: <98829DC07ECECD47893074C4D525EFC31176AD@citsnl007.europe.intranet>; from Danny.Carroll@mail.ing.nl on Thu, Aug 16, 2001 at 03:27:50PM %2B0200 References: <98829DC07ECECD47893074C4D525EFC31176AD@citsnl007.europe.intranet>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 16, 2001 at 03:27:50PM +0200, Carroll, D. (Danny) wrote: [snip] > Is it possible to set up a rule that works a little like this: > > internal host A connects to external host B > ipfw or natd then makes a dynamic rule that allows any traffic (or > traffic from specific ports) from host B back into the network. > After 5 minutes of inactivity, the rule is discarded. [snip] > Can it be done? Yes. Patches welcome. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010816095853.D4232>