From owner-freebsd-security Wed Jan 3 13:55: 4 2001 From owner-freebsd-security@FreeBSD.ORG Wed Jan 3 13:55:01 2001 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from pooka.techfuel.com (pooka.techfuel.com [216.133.15.161]) by hub.freebsd.org (Postfix) with ESMTP id 9041137B400 for ; Wed, 3 Jan 2001 13:55:01 -0800 (PST) Received: from basilisk.techfuel.com (mail-internal.techfuel.com [172.16.1.2]) by pooka.techfuel.com (8.9.3/8.9.3) with ESMTP id NAA44075; Wed, 3 Jan 2001 13:54:55 -0800 (PST) (envelope-from kehlet@fisix.com) Received: (from root@localhost) by basilisk.techfuel.com (8.9.3/8.9.3) id NAA88136; Wed, 3 Jan 2001 13:54:55 -0800 (PST) Received: from leviathan.techfuel.com (leviathan.techfuel.com [172.16.1.26]) by basilisk.techfuel.com (8.9.3/8.9.3) with ESMTP id NAA88077; Wed, 3 Jan 2001 13:54:54 -0800 (PST) Received: (from kehlet@localhost) by leviathan.techfuel.com (8.11.1/8.11.0) id f03Lssf73456; Wed, 3 Jan 2001 13:54:54 -0800 (PST) (envelope-from kehlet@fisix.com) X-Authentication-Warning: leviathan.techfuel.com: kehlet set sender to kehlet@fisix.com using -f Date: Wed, 3 Jan 2001 13:54:54 -0800 From: Steven Kehlet To: Darren Henderson Cc: freebsd-security@freebsd.org Subject: Re: statefull packet filter together with natd question Message-ID: <20010103135454.D68832@leviathan.techfuel.com> References: <20010103120449.A66966@leviathan.techfuel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from darren@nighttide.net on Wed, Jan 03, 2001 at 04:37:50PM -0500 X-scanner: scanned by Inflex 0.1.4 - (http://www.spyda.co.za/inflex) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > numbers on established packets, etc). I see you got this from > > http://www.bsdtoday.com/2000/December/Features359.html. > > Yes, it was a very helpful site. Hopefully I haven't given the impression > that this was personal creation; in future I need to make notation I'm sure no one got upset :-). I only pointed it out because the author of that page (Peter Brezny) had joined in this thread, and other people might be interested in that url as well :-). Credit never hurts, but in this community we're all borrowing from each other anyway... > Ah, I did suspect I had missed the full nature of the problem. On the off > chance that I hadn't I just wanted to forward what I had, I know searching > for answers can be quite time consuming on occassion and I had it on hand. THANKS for offering your rules for discussion... I should have made my appreciation more clear :-). There are very few examples of stateful ipfw + natd out there... Thanks! :-), Steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message