From owner-freebsd-hackers  Fri Oct 27  5: 4:27 2000
Delivered-To: freebsd-hackers@freebsd.org
Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11])
	by hub.freebsd.org (Postfix) with SMTP
	id 4FDE637B479; Fri, 27 Oct 2000 05:04:23 -0700 (PDT)
Received: from walton.maths.tcd.ie by salmon.maths.tcd.ie with SMTP
          id <aa09072@salmon>; 27 Oct 2000 12:42:30 +0100 (BST)
Date: Fri, 27 Oct 2000 12:42:29 +0100
From: David Malone <dwmalone@maths.tcd.ie>
To: "Stop here. Start everywhere." <feedback@phpStop.com>
Cc: freebsd-hackers@freebsd.org, freebsd-stable@freebsd.org
Subject: Re: ipfw security.
Message-ID: <20001027124229.A52457@walton.maths.tcd.ie>
References: <39F955F2.49FA8BE0@phpStop.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <39F955F2.49FA8BE0@phpStop.com>; from feedback@phpStop.com on Fri, Oct 27, 2000 at 12:16:18PM +0200
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, Oct 27, 2000 at 12:16:18PM +0200, Stop here. Start everywhere. wrote:

> I thought I would spread this to the mailing list just in case no one
> knew about it, and ask whether ipfw does implement all of the mentioned
> requirements:
> 
> ftp://ftp.isi.edu/in-notes/rfc2979.txt
> 
> Well, does ipfw support all of it, and if not, what doesn't it support?

Ipfw allows you to specify what action to take on the recept of
certain packets. As such it compliance with that RFC depends on
your intended security policy and the set of rules you define using
ipfw.

It is certainly possibly to create complient and noncomplient
rule-sets.

	David.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message