From owner-freebsd-stable  Thu Jan 20 21:48:15 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from tetron02.tetronsoftware.com (ftp.tetronsoftware.com [208.236.46.106])
	by hub.freebsd.org (Postfix) with ESMTP id 3B94515218
	for <freebsd-stable@freebsd.org>; Thu, 20 Jan 2000 21:48:12 -0800 (PST)
	(envelope-from zeus@tetronsoftware.com)
Received: from tetron02.tetronsoftware.com (tetron02.tetronsoftware.com [208.236.46.106])
	by tetron02.tetronsoftware.com (8.9.3/8.9.3) with ESMTP id VAA07877;
	Thu, 20 Jan 2000 21:52:40 -0600 (CST)
	(envelope-from zeus@tetronsoftware.com)
Date: Thu, 20 Jan 2000 21:52:40 -0600 (CST)
From: Gene Harris <zeus@tetronsoftware.com>
To: Brett Glass <brett@lariat.org>
Cc: freebsd-stable@freebsd.org
Subject: Re: bugtraq posts: stream.c - new FreeBSD exploit?
In-Reply-To: <4.2.2.20000120194320.019e0220@localhost>
Message-ID: <Pine.BSF.4.10.10001202147250.7833-100000@tetron02.tetronsoftware.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


>  >
>  >pass in all
>  >block in proto tcp all head 100
>  >pass in proto tcp from any to any flags S keep state group 100
>  
>  Fantastic! Forwarded to Bugtraq.
>  
>  --Brett
>  

I guess this is good.  But the thoughts of translating 350
plus rules from ipfw to ipfilter are not too appealing.
Unless, it is possible to use both.  Most of SOHO users I
know are using natd and ipfw.  I fail to see how this will
be a quick fix for them.


Gene Harris
http://www.tetronsoftware.com



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message