Date: Fri, 20 Feb 2004 10:15:59 +1100 (Australia/ACT) From: Darren Reed <avalon@caligula.anu.edu.au> To: bms@spc.org (Bruce M Simpson) Cc: Dorin H <bj93542@yahoo.com> Subject: Re: traffic normalizer for ipfw? Message-ID: <200402192315.i1JNFxo4004083@caligula.anu.edu.au> In-Reply-To: <20040219211411.GB3612@saboteur.dek.spc.org> from "Bruce M Simpson" at Feb 19, 2004 09:14:11 PM
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Bruce M Simpson, sie said:
>
> On Thu, Feb 19, 2004 at 01:02:16PM -0800, Dorin H wrote:
> > Is there some way to configure ipfw to do traffic
> > normalizing ("scrubbing", as in ipf for OpenBSD)? Is
> > there any tool to do it for FreeBSD firewalling?
> > I've heard that ipf was ported on current, anything
> > else?
You mean pf, not ipf..
normalizing is over rated as a firewall feature - it's really
something that belongs in IDS software.
> We're looking at bringing pf into the tree.
For what benefit you have to wonder...
> One of the things on my
> unofficial (some would say a work of pure fiction) is to look at
> something for KaZaA filtering on BSD...
which pf won't do (so in that sense, it is pure fiction :)
Darren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200402192315.i1JNFxo4004083>