From owner-freebsd-hackers Sun Mar 14 10:25:21 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from obie.softweyr.com (unknown [204.68.178.33]) by hub.freebsd.org (Postfix) with ESMTP id 0A17B14E61; Sun, 14 Mar 1999 10:25:16 -0800 (PST) (envelope-from wes@softweyr.com) Received: from softweyr.com (wes@zaphod.softweyr.com [204.68.178.35]) by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id LAA09771; Sun, 14 Mar 1999 11:23:43 -0700 (MST) (envelope-from wes@softweyr.com) Message-ID: <36EBFEAF.C37CFCE6@softweyr.com> Date: Sun, 14 Mar 1999 11:23:43 -0700 From: Wes Peters Organization: Softweyr llc X-Mailer: Mozilla 4.5 [en] (X11; U; FreeBSD 3.1-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: sthaug@nethelp.no Cc: ru@ucb.crimea.ua, dg@FreeBSD.ORG, hackers@FreeBSD.ORG Subject: Re: ipflow and ipfirewall References: <19990314162419.A10242@relay.ucb.crimea.ua> <3441.921422198@verdi.nethelp.no> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG sthaug@nethelp.no wrote: > > The way I see it, "fast forward" would be for router boxes at the core > of your network. Here you're concerned about speed. Firewall filtering > you normally want to do at the edges, where you're not so concerned about > speed. Apparently you see only networks where all users are equally trusted. Most don't. Of course, if you were really worried about security, you wouldn't be using shared media and routers, would you? -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC http://www.softweyr.com/~softweyr wes@softweyr.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message