On Mon, Aug 21, 2000 at 11:57:53AM -0700, Brent Fulgham wrote:
> > > Can anyone comment on why Linux would be unsuitable for firewall use
> > > in this configuration?
> > 
> >     Can you explain what an `active' packet is?
> > 
> 
> That's my question as well.  I can't find any reference to an "active"
> packet definition.  Could he mean some kind of "keep-alive" configuration?

My guess (and it's only a guess) is that an 'active' packet (from the
AS/400s point of view) is one sent down a connection that the AS/400
initiates, whilst a 'passive' packet is one sent down a connection
initiated by the other end.

In some primitive firewalling schemes connections can only be
initiated in one directions (typically, in the case of a corporate
firewall, only outbound connections).

Needless to say, there is no 'limitation' of Linux in this respect ---
a Linux firewall can be configured to forward and/or rewrite packets
in any way desired.

Jules

-- 
Jules Bean                          |        Any sufficiently advanced 
[EMAIL PROTECTED]                    |  technology is indistinguishable
[EMAIL PROTECTED]               |               from a perl script


Reply via email to