From owner-freebsd-net Tue Jun 1 12: 5:57 1999 Delivered-To: freebsd-net@freebsd.org Received: from labinfo.iet.unipi.it (labinfo.iet.unipi.it [131.114.9.5]) by hub.freebsd.org (Postfix) with SMTP id AC65A14D5B for ; Tue, 1 Jun 1999 12:05:52 -0700 (PDT) (envelope-from luigi@labinfo.iet.unipi.it) Received: from localhost (luigi@localhost) by labinfo.iet.unipi.it (8.6.5/8.6.5) id SAA01905; Tue, 1 Jun 1999 18:35:58 +0200 From: Luigi Rizzo Message-Id: <199906011635.SAA01905@labinfo.iet.unipi.it> Subject: Re: natd question To: svetzal@cujo2.icom.ca (Steven Vetzal) Date: Tue, 1 Jun 1999 18:35:58 +0200 (MET DST) Cc: jim@web-ex.com, net@FreeBSD.ORG In-Reply-To: <000501beabc5$b6f0e460$7ffea8c0@blazer.pr1.on.wave.home.com> from "Steven Vetzal" at May 31, 99 08:28:28 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Content-Length: 924 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I tend to disagree with Jim's comment on "unroutable IPs" being no risk. > They're no risk if you're positive the _other_ side of your link is clean, ... and the firewall machine itself, requires much tighter rules when forwarding is enable than when it is not. > I agree with Luigi's (forgive me) paranoid approach... i am usually not, but on one side we have an engineering students' lab with over 100 machines, shouldn't i be worried :) cheers luigi -----------------------------------+------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . Dip. di Ing. dell'Informazione http://www.iet.unipi.it/~luigi/ . Universita` di Pisa TEL/FAX: +39-050-568.533/522 . via Diotisalvi 2, 56126 PISA (Italy) http://www.iet.unipi.it/~luigi/ngc99/ ==== First International Workshop on Networked Group Communication ==== -----------------------------------+------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message