Darren Reed wrote:
> To reduce both the size of filter rulesets as well as increasing
> throughput of non-filtered traffic, it would seem better to be able
> to setup a different filter rule set for each interface connected to
> the host. Are there any working packet filters which are able to
> operate in this way or does anyone know of any texts which discuss
> this ? With this approach, you could more easily block packets from
> outside which were trying to be internal hosts.
Is't that the method the CISCO routers use?
Andreas Siegert / Postmaster IBM Deutschland GmbH | Never grep a yacc
AIX Field Support Center Pocci Strasse 11 | by the i-node!
Internet: afx @
de D-8000 Muenchen 2 | Opinions are my own,
VNET: SIEGERT @
MUNIVM4 Voice: (49)-(89)-7670-509 not IBM's.