As another blatant advertisement, my http logs indicate that some people
still downoad OpenFWTK snapshots from milliways.chance.ru/~ark ,
though i explicitly stated that those are outdated. Referrer field
is often firewall-wizards archive. Please do not,
openfwtk home is http://www.sourceforge.net/projects/openfwtk !

On Sat, Nov 17, 2007 at 10:05:34AM -0500, Dave Piscitello wrote:
>
> Commercial examples include Watchguard FireboxX and Secure Computing
> Sidewinder. The original firewall toolkit evolved into one of my
> favorite firewalls, the TIS Gauntlet. Network Associates bought TIS,
> then NAI sold the Gauntlet to Secure Computing, who I believe offered
> the Gauntlet on Solaris but has phased out the product. Sad, I really
> loved running Gauntlet on BSD.
>
> Matthew Hannigan wrote:
> >On Wed, Nov 14, 2007 at 02:58:37PM +1100, Kelly Robinson wrote:
> >>Some firewalls, after receiving a packet, generate a new packet and
> >>populate
> >>it with data from the original, rather than forwarding the same packet
> >>that
> >>was received. What are the advantages and disadvantages of this approach?
> >>And does anyone have any examples of any firewalls that do this on the
> >>market?

> >
> >I guess all proxying fireawalls like the original fwtk do this.
> >
> >Advantage:
> >
> >Your firewall is more trusted not to do funky stuff
> >that might upset internal servers.
> >
> >Directly concomitant disadvantage:
> >
> >The packet may not be an entirely faithful
> >version of the original (besides the obvious
> >source addr/port)
> >
> >
> >
> >
> >_______________________________________________
> >firewall-wizards mailing list
> >firewall-wizards@listserv.icsalabs.com
> >https://listserv.icsalabs.com/mailma...rewall-wizards
> >

>
> email protected and scanned by AdvascanTM - keeping email useful -
> www.advascan.com
>



> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@listserv.icsalabs.com
> https://listserv.icsalabs.com/mailma...rewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards