Date: Fri, 17 Dec 2004 00:06:35 +0100 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Nik Clayton <nik@FreeBSD.org> Cc: freebsd-doc@FreeBSD.org Subject: Re: Rework of firewall chapter start Message-ID: <20041216230635.GC759@zaphod.nitro.dk> In-Reply-To: <20041216115014.GI17158@clan.nothing-going-on.org> References: <20041215191024.GA759@zaphod.nitro.dk> <20041216115014.GI17158@clan.nothing-going-on.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--JYK4vJDZwFMowpUq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2004.12.16 11:50:15 +0000, Nik Clayton wrote: > I've always understood a firewall to be a combination of one or more > technologies, implemented in a manner that provides security. >=20 > For example, a corporate firewall might consist of a packet filter, a > mail scanning system, and an HTTP proxy. >=20 > What the chapter (and the patch) are talking about so far is (just) a > packet filter. Now a packet filter can, on its own, be the only > technology used to implement a firewall. But to my mind the distinction > is still important. Yes, I agree that the distinction between packet/network-level firewalls and proxy/application-level firewalls is important and should be explained. I did think about writing something about the topic, but I didn't simply because I want to take one thing at the time. If somebody else feel like writing about this please speak up so we avoid duplicate work. > Of course this could just be me being an old fart... I don't think so :-). --=20 Simon L. Nielsen --JYK4vJDZwFMowpUq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBwhT7h9pcDSc1mlERApypAJwMVJfTK3kN54M32f9ezZvjQQgsmwCfYVlL LqnNAL/tBJNCYUoELO9HF6c= =32mk -----END PGP SIGNATURE----- --JYK4vJDZwFMowpUq--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041216230635.GC759>