Firewalls: Filters and interfaces.

Firewalls
(October 1992)

Indexed By Thread: [Previous] [Next]

Subject:	Filters and interfaces.
From:	afx @ muc . ibm . de (Andreas Siegert)
Date:	Mon, 5 Oct 92 17:38:58 DFT
To:	Firewalls @ GreatCircle . COM

Darren Reed wrote:
...
>    To reduce both the size of filter rulesets as well as increasing
> throughput of non-filtered traffic, it would seem better to be able
> to setup a different filter rule set for each interface connected to
> the host.  Are there any working packet filters which are able to
> operate in this way or does anyone know of any texts which discuss
> this ?  With this approach, you could more easily block packets from
> outside which were trying to be internal hosts.

Is't that the method the CISCO routers use?

afx
-- 
Andreas Siegert / Postmaster   IBM Deutschland GmbH   |   Never grep a yacc
AIX Field Support Center       Pocci Strasse 11       |   by the i-node!
Internet: afx @
 ibm .
 de           D-8000 Muenchen 2      |   Opinions are my own,
VNET: SIEGERT @
 MUNIVM4          Voice: (49)-(89)-7670-509  not IBM's.

Follow-Ups:

Re: Filters and interfaces.
From: Roland Acra <acra @ cisco . com>

Indexed By Date	Previous:	Re: Reverse and double-reverse IP address lookups as service prerequisites From: mjr @ decuac . DEC . COM (Marcus J. "Buddy can you spare a clue?" Ranum)
Indexed By Date	Next:	Re: your mail From: "John B. Brown" <jbb @ flare . cs . umb . edu>
Indexed By Thread	Previous:	Filters and interfaces. From: avalon @ coombs . anu . edu . au (Darren Reed)
Indexed By Thread	Next:	Re: Filters and interfaces. From: Roland Acra <acra @ cisco . com>