Date: Wed, 28 Mar 2001 09:42:34 -0600 From: Dave Duchscher <daved@tamu.edu> To: Julian Elischer <julian@elischer.org> Cc: Luigi Rizzo <luigi@info.iet.unipi.it>, Archie Cobbs <archie@dellroad.org>, Peter.Blok@inter.NL.net, freebsd-net@FreeBSD.ORG Subject: Re: netgraph ng_bridge and ipfilter Message-ID: <20010328094234.D1325@net.tamu.edu> In-Reply-To: <3AC0CCC3.F7DD8133@elischer.org>; from julian@elischer.org on Tue, Mar 27, 2001 at 09:24:19AM -0800 References: <200103270656.IAA78972@info.iet.unipi.it> <3AC0CCC3.F7DD8133@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Mar 27, 2001 at 09:24:19AM -0800, Julian Elischer wrote: > > in this case, this person seemed to _need_ the interaction in > > order to have a bridging firewall > > > that would be a brouter and not a bridge..Filering on IP at link layer.. > yuck. I would call it a packet filter style Firewall and they have been around for a while now. No, I don't see them as bad. They have their uses just like any technology. In fact, if I ever get the time (not likely), I was thinking of researching converting our packet filtering firewall (Drawbridge) to a netgraph node. DaveD To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010328094234.D1325>