On Mon, 27 Dec 1999 19:24:56 +0100, you wrote: >On Mon, Dec 27, 1999 at 12:07:17PM -0500, Tim Sailer wrote: >> I've been using it for a while. It's not real stable yet under the >> 2.2 series kernels, but it works, and works well. It's really a >> full-state firewall for Linux, which has been missing for a long >> time. > >The big question is where are its advantages over a set of ipchain rules >that I create via vi or by using firewallct or gfcc or whatever is >available.
ipchains is a stateless packet filter, sinus is a stateful packet filter. For example, it's possible with Sinus to block incoming connections from a single host if the last y seconds had more than x SYN packets from that host. Harald, *patsch* me if I'm wrong here ;) Greetings Marc -- -------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15 Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
