On Mon, Apr 15, 2013 at 02:15:36PM +0400, Lev Serebryakov wrote: > >> Yes! This is the most clever thought in this thread. Why we need 3 > >> firewalls? Two packet filters it's excess too. We have two packet filters: > >> one with excellent syntax and functionality but with outdated bandwidth > >> control mechanism (aka ALTQ); another - with nice traffic > >> shaper/prioritization (dummynet)/classification (diffused) but with > >> complicated implementation in not trivial tasks. May be the next step > >> will be discussion about one packet filter in the system?.. > > MM> ... and as far as I can tell none of them is currently usable > MM> on an IPv6-only FreeBSD (like protecting a host with sshguard), > MM> none of them supports stateful NAT64, nor IPv6 prefix translation :( > IPv6 prefix translation?! AGAIN!? FML. I've thought, that IPv6 will > render all that NAT nightmare to void. I hope, IPv6 prefix translation > will not be possible never ever!
You disallow anonymization? NAT do anonymisation also. _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"