>If the code I'm reading, 1.1.88, is actually what is in use, then Linux
>should be LAST on your list of operating systems to use for a firewall,
>ipfw or no. It would be trivial for a "bad" IP packet to cause a Linux
>kernel numerous problems. All sorts of things are done in the wrong
>order (assuming BSD is more correct) and various sanity checks on incoming
>packets are not performed. This is just from reading their code in the
>last 5 mins, with NetBSD in another window on the right, and comparing
>the two, seeing what does and doesn't get done. That or the BSD code is
>more paranoid about what it does and trusts, which isn't an altogether
>bad thing.
Could you be more specific about your comments above? Yes, I am interested
in using Linux as a firewall, but hadn't begun to look at the actual
firewall code. Your analysis could save me time.
==
Johnathan Corgan          "Cypherpunks will make networks safe for privacy."
jcorgan@aeinet.com                                             -Eric Hughes
WWW: ftp://ftp.netcom.com/pub/jc/jcorgan/home.html