Date: Sun, 27 Sep 1998 19:14:08 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Ollivier Robert <roberto@keltia.freenix.fr> Cc: freebsd-security@FreeBSD.ORG Subject: Re: ipfw Message-ID: <12022.906916448@critter.freebsd.dk> In-Reply-To: Your message of "Sun, 27 Sep 1998 16:58:09 %2B0200." <19980927165809.A26371@keltia.freenix.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <19980927165809.A26371@keltia.freenix.fr>, Ollivier Robert writes: >According to Poul-Henning Kamp: >> * per interface input list >> * per interface output list >> * packet forwarding list >> * ip_input() list >> * ip_output() list >> >> Doing it would be simple, but people complained that configuring it would >> be too complex. > >Even having #1, #2 and #3 would be nice. In my experience with Network >Systems' routers (which have the 5 levels above), most people use the first >three most. ... for routers, and the last two most for hosts, although #1 and #2 will do the same thing on a one interface machine. -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." "ttyv0" -- What UNIX calls a $20K state-of-the-art, 3D, hi-res color terminal To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?12022.906916448>