I didn't realize this till later, but perhaps we have something
useful already..... at least *I* do :-)
I'm going to try this out and see just exactly what it does. I'm not
satisified entirely with the "watch the traffic and allow it"
approach to firewalling, but it may be a good quickstart, especially
for home nets.
In this case, you can use nstreams to generate ipchains or ipfwadm
output based on the streams it sees being routed through the firewall
- *AND* it can read output from tcpdump!
So, you could capture the data at your firewall and then send it to
your other LRP system to run nstreams against and create rules.
Of course, I'm not giving up in any way on creating this firewall-
builder I want.
--
David Douthitt
UNIX Systems Administrator
HP-UX, Linux, Unixware
[EMAIL PROTECTED]
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/leaf-devel
