Firewalls: Re: Linux Kernel FW

Firewalls
(September 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Linux Kernel FW
From:	Bernd Eckenfels <lists @ lina . inka . de>
Date:	Mon, 15 Sep 1997 09:01:25 +0200
To:	Chris Burton <chris @ unilinc . edu . au>
Cc:	firewalls @ greatcircle . com
In-reply-to:	<Pine . SUN . 3 . 96 . 970912185945 . 15460B-100000 @ vega . unilinc . edu . au>; from Chris Burton on Fri, Sep 12, 1997 at 07:00:52PM +1000
References:	<Pine . SUN . 3 . 96 . 970912185945 . 15460B-100000 @ vega . unilinc . edu . au>

Hello,

On Sep 12, Chris Burton wrote
> Has anyone had any experience with the Linux kernel Firewall or any
> feedback as to reliablity?

It's a full featured (but stateless) PAcket Filter. The logging is a bit
tiny, but the rules based on interface protocol or port are rather well
implemented. You may get some trouble if you want to filter strange IP
Protocols (of course there is a module interfasce to extend the filter).

If you look for a statefull solution, look at sf-firewall (currently only
supporting two interfaces) on http://www.inka.de/sites/lina/freefire-l/

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels @
 Wittumstrasse13 .
 76646Bruchsal .
 de --
 ( .. )  ecki @
 {inka .
 de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes @
 irc  +4972573817  BE5-RIPE
(O____O)       If privacy is outlawed only Outlaws have privacy

References:

Linux Kernel FW
From: Chris Burton <chris @ unilinc . edu . au>

Indexed By Date	Previous:	Re: VPN/encryption interoperability From: "Marcus J. Ranum" <mjr @ nfr . net>
Indexed By Date	Next:	[no subject] From: "Dmitry Trefilov" <TREFILOV @ uni . udm . ru>
Indexed By Thread	Previous:	Linux Kernel FW From: Chris Burton <chris @ unilinc . edu . au>
Indexed By Thread	Next:	E-mail architecture From: "Domenico Viggiani" <viggiani @ hotmail . com>