On Sun, Feb 5, 2012 at 7:05 AM, Bill Tillman <btillma...@yahoo.com> wrote:
> The only truly safe firewall ruleset consists of one rule and that is:
>
>  deny all from any to any

This ruleset is potentially a denial of service attack if the system
is intended to do certain useful things. You can't talk about "only
truly safe firewall ruleset" without also talking about your threat
model (and intended functionality).

-- 
Eitan Adler
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
