> > Hello Marcus > A firewall on every pc will soon become a nightmare to manage as the > network grows. You could in theory put the pf rules on a read-only > remote filesystem..and have every client access to it, but thats if > you have time for such tricks... > > The internet gateway is the place to put your firewall - the one that > has the direct connection to the internet. And make sure no one can > unplug it from the network, or shut down the pf even temporarily. >
I would admit to this, but I am the only person usign these boxes. One is my machine in the office the other one is at home. Concerning the manageability I would say, yes, you are right. One should invent a solution like the manageability of WinXP SP2 with the help of the ActiveDirectory in a windows server domain. One ruleset for all boxes. But, often you read that attacks against servers will be done from the inside network. Marcus _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
