Doesn't ipfilter and freeswan require that folks stay with a 2.0.X kernel
rather then being able to progress up to a 2.2.X and above kernel?
Policy routing in the iptables and 2.4.X kernels soon to be out, can
accomplish the same thing, yes?
Thanks,
Ron DuFresne
On Mon, 10 Jan 2000, Aaron C. Springer wrote:
> Just use ipfilter
>
> acs
>
> On 10-Jan-00 Helmut Springer wrote:
> >> But the NAT makes the IPChains in Linux statefull, since it knows how
> >> to handle fragmentation, window and syn/ack tracking.
> >
> > yup, it does feel like a kludge though to add a state machine by adding
> > a masquerading (many2one NAT) stage 8-/
> >
> > --
> > MfG/best regards, helmut springer
> > [EMAIL PROTECTED]
> >
> > "Freedom's just another word for nothing left to lose"
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
>
>
> _______________________
> Aaron C. Springer
> [EMAIL PROTECTED]
> pgp key published
> _______________________
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
