> I need to know if there is some firewall software for unix that over
> the firewall stuff do some addr translation for me.
I have software for a dedicated 386-class PC that will perform IP
routing with filtering and address translation. Address translation
and filtering work fine, but the router is awfully light on routing
protocols and O&M features. I am looking for some knowledgeable
testers for the parts that are done. This should be considered alpha
code at this time.
The package supports IP routing, except that source routing is
disabled, and the time stamp option is ignored. Async SLIP and
ethernet over a packet driver are the only link layers right now.
Demand dial is supported on the async lines, and multiple packet
drivers are supported. The package can spit RIP, but doesn't
listen to it yet.
My address translation works by monitoring the status of all
connections, so it can be used as a "dynamic packet filter". In
particular, it is possible to block packets that look like TCP or UDP
responses, but don't correspond to a live "connection". FTP control
connections are monitored for "PORT" commands, and these commands are
translated so that ordinary clients can FTP from the net without
problems. It is possible to configure dedicated external addresses
for internal machines, or use a single external address for all
internal machines, or some of each. There is a configuration mode
that supports connection monitoring and filtering without IP address
translation, as well.
If you are interested in testing this software please send me private
mail telling me how you intend to use the package, and something about
your background. I expect to provide some help, but I'm not
interested in folks who have never configured any kind of router