Date: Tue, 27 Jul 1999 11:33:55 -0600 From: Scott Taylor <staylor@graphicexpress.net> To: freebsd-ipfw@freebsd.org Subject: reflexive access lists? Message-ID: <379DED83.70D4B4BE@graphicexpress.net>
next in thread | raw e-mail | index | archive | help
One of the rules that I have in the access lists on my cisco routers that I wish I could setup of my freebsd box are reflexive access lists. I'd love to be able to allow packets that are replies to requests from my machine be automatically allowed without allowing such a blanket permission as allowing all tcp packets with the established flag set. Reflexive lists allow me to setup harsh firewall rules yet give processes on my machine transparent access to the outside world. Here's a page by cisco describing setting up a reflexive list: http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_cr/secur_c/scprt3/screflex.htm To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?379DED83.70D4B4BE>