From owner-freebsd-doc@FreeBSD.ORG Thu Dec 16 23:06:37 2004 Return-Path: Delivered-To: freebsd-doc@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 67DC416A4CE; Thu, 16 Dec 2004 23:06:37 +0000 (GMT) Received: from zaphod.nitro.dk (port324.ds1-khk.adsl.cybercity.dk [212.242.113.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id EDD6C43D5A; Thu, 16 Dec 2004 23:06:36 +0000 (GMT) (envelope-from simon@zaphod.nitro.dk) Received: by zaphod.nitro.dk (Postfix, from userid 3000) id 0F40211D76; Fri, 17 Dec 2004 00:06:36 +0100 (CET) Date: Fri, 17 Dec 2004 00:06:35 +0100 From: "Simon L. Nielsen" To: Nik Clayton Message-ID: <20041216230635.GC759@zaphod.nitro.dk> References: <20041215191024.GA759@zaphod.nitro.dk> <20041216115014.GI17158@clan.nothing-going-on.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="JYK4vJDZwFMowpUq" Content-Disposition: inline In-Reply-To: <20041216115014.GI17158@clan.nothing-going-on.org> User-Agent: Mutt/1.5.6i cc: freebsd-doc@FreeBSD.org Subject: Re: Rework of firewall chapter start X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Dec 2004 23:06:37 -0000 --JYK4vJDZwFMowpUq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2004.12.16 11:50:15 +0000, Nik Clayton wrote: > I've always understood a firewall to be a combination of one or more > technologies, implemented in a manner that provides security. >=20 > For example, a corporate firewall might consist of a packet filter, a > mail scanning system, and an HTTP proxy. >=20 > What the chapter (and the patch) are talking about so far is (just) a > packet filter. Now a packet filter can, on its own, be the only > technology used to implement a firewall. But to my mind the distinction > is still important. Yes, I agree that the distinction between packet/network-level firewalls and proxy/application-level firewalls is important and should be explained. I did think about writing something about the topic, but I didn't simply because I want to take one thing at the time. If somebody else feel like writing about this please speak up so we avoid duplicate work. > Of course this could just be me being an old fart... I don't think so :-). --=20 Simon L. Nielsen --JYK4vJDZwFMowpUq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBwhT7h9pcDSc1mlERApypAJwMVJfTK3kN54M32f9ezZvjQQgsmwCfYVlL LqnNAL/tBJNCYUoELO9HF6c= =32mk -----END PGP SIGNATURE----- --JYK4vJDZwFMowpUq--