Firewalls: SUMMARY: BSDI as a screening router

Firewalls
(May 1995)

Indexed By Thread: [Previous] [Next]

Subject:	SUMMARY: BSDI as a screening router
From:	lem @ shaddam . usb . ve (LDC - Luis E. Mun~oz)
Date:	Tue, 2 May 95 20:28:30-040
To:	armandoe @ netcom . com, firewalls @ greatcircle . com

The original question was about the alternatives available to use a
BSDI box as a bridging router. The answers received, mentioned the
following solutions:

screend: Many experiences (mainly satisfactory) with the
software. Reported performance is that a 486 @
 33Mhz can pump about
5Mb/s and a Pentium about 9Mb/s. Good enough to handle a site with a
64Kbit/s.

ip_firewall: Consists of kernel patches (no source license required)
and a couple of source files. It's reported to be shareware. It's
author is danny @
 nahanni .
 BouletFermat .
 ab .
 ca .
  The program is available
at the following sites:
	
	ftp://ftp.nebulus.net/pub/bsdi/security/ipfirewall_v2.0a.gz
	ftp://ftp.bsdi.com/contrib/networking/security/ipfirewall_v2.0a.shar.gz

TIS fwtk: A good choice, though not suitable for our application.

ip_gw: Some screend lookalike. No information provided about this
software. 

ALF: A commercial package that can convert a BSDI box in a
full-fledged screening router/packet filter. Contact information
follows:

	Ari Shamash
	SOS corporation		voice 1-800-SOS-UNIX or 1-212-686-5700
	461 5th Avenue, 16th floor fax: 1-212-686-5703
	New York, NY 10017	email: ari @
 soscorp .
 com

ip_fil: A loadable kernel module that implements packet filtering with
NetBSD. It's reported to work like a charm. This package is available
at:
	ftp://coombs.anu.edu.au:/pub/net/kernel/ip_fil2.5.2.tar.gz



Many thanks to:

Scott Barman <scott @
 Disclosure .
 COM>
mht @
 shore .
 net (Mark Teicher)
Danny Boulet <danny @
 nahanni .
 BouletFermat .
 ab .
 ca>
David Maynard <dpm @
 flametree .
 com>
"Jim.Shaw" <Jim .
 Shaw @
 actrix .
 gen .
 nz>
"Daniel O'Callaghan" <danny @
 www .
 unimelb .
 EDU .
 AU>
ari @
 soscorp .
 com (Ari Shamash)
Darren Reed <avalon @
 coombs .
 anu .
 edu .
 au>
Bob Beck <beck @
 cs .
 ualberta .
 ca>


	__________________________________________________________
	| Luis E. Mu~oz R.        | PGP2.1 Key available via     |
	| Internet: lem @
 usb .
 ve	  | `finger lem @
 jihad .
 usb .
 ve'    |
	| NIC: LEM (lat), LM39    |                              |
	| uucp: sun!emsca!usb!lem |==============================|
	| Phone/Fax: 582-9431402  | These opinions are mine alone|
	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Indexed By Date	Previous:	Screened subnet with one router? From: janb @ olymp . fer . uni-lj . si (Jan Bervar)
Indexed By Date	Next:	Re: Help with begining options? From: Alan Hannan <alan @ mid . net>
Indexed By Thread	Previous:	Re: Screened subnet with one router? From: alans @ caseydog . East . Sun . COM (Alan Sonnenberg - SunNetworks)
Indexed By Thread	Next:	Some f/w capability questions. From: richard . jones @ BoM . GOV . AU (Richard Jones)