Date: Sat, 22 Jun 1996 12:40:44 -0400 (EDT) From: Brian Tao <taob@io.org> To: Darren Reed <avalon@coombs.anu.edu.au> Cc: FREEBSD-SECURITY-L <freebsd-security@FreeBSD.org> Subject: Re: IPFW vs. IP Filter? Message-ID: <Pine.NEB.3.92.960622123716.9476E-100000@zap.io.org> In-Reply-To: <199606221557.LAA16392@io.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 23 Jun 1996, Darren Reed wrote:
>
> It might make it a bit difficult on the human side to work out which
> is doing what, however, so I'd be tempted to use one or the other.
Yeah... I think I'm going to try ipfilter out, since some of the
local NetBSD security folks in town recommend it highly. Now to
figure out how to get it installed here. I'm not groking how lkm's
are supposed to be built... the INSTALL.xBSD instructions don't work.
I'll fiddle with it some more before I pester you with more questions. :)
BTW, this is in the ipfw man page:
| There is one kind of packet that the firewall will always discard, that
| is an IP fragment with a fragment offset of one. This is a valid packet,
| but it only has one use, to try to circumvent firewalls.
I assume ipfilter does this as well?
--
Brian Tao (BT300, taob@io.org, taob@ican.net)
Systems and Network Administrator, Internet Canada Corp.
"Though this be madness, yet there is method in't"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.92.960622123716.9476E-100000>