Dug,
Is there a site for this new fw package? do you have info on your site? It
sure sounds cool.
Carric Dooley
Senior Consultant
COM2:Interactive Media
"But this one goes to eleven."
-- Nigel Tufnel
On Tue, 26 Jun 2001, Dug Song wrote:
> keep yer pants on! :-)
>
> pf is indeed in the OpenBSD tree now, with support for IPF-compatible
> rulesets, NAT, logging of blocked packets to a fake interface
> (/dev/pflog) that is tcpdump'able (with support in tcpdump to print
> which rule the packet matched against), IPF-compatible TCP state
> tracking from Guido van Rooij's SANE 2000 paper, and much more to come
> (TCP ISN fixups ala PIX, transparent proxies, scrubbing, etc.).
>
> the code is also quite readable, which makes for easier auditing.
>
> we invite any interested parties to work with us on the new code.
>
> -d.
>
> ---
> http://www.monkey.org/~dugsong/
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
