Calvin, Too give some extra information about Bering-uClibc packages that can be used for the asked functionality. > Here is a summary of the functionality required: > > Firewall: > stateful packet inspection shorwall.lrp
> NAT/PAT iptables.lrp/shorwall.lrp > IPSEC Auth > IPSEC VPN tunneling ipsec.lrp (super-freeswan) > Router: > BGP > RIP zebra.lrp, bgpd.lrp, ripd.lrp (Quagga routing suite) > Logging to external syslog server standard syslogd functionality > https/ssh configuration/management tool weblet.lrp (only management), dropbear.lrp (ssh client, configuration/management) > Port Knocking to trigger remote vpn/ssh access ? > Optional user authentication to access Internet tproxy.lrp > Block outbound traffic by IP,subnet,user,port > Block all inbound traffic from untrusted networks except that which is > initiated from inside > Allow all traffic between trusted networks. shorwall.lrp > Fastest available link should be chosen when redundant paths exist. > not currently implemented (multipath) but on the todo list for the zebra (quagga) packages. Regards, Eric Spakman ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html