ipfw keep-state

Juraj Lutter freebsd-users-l at wilbury.sk
Wed Apr 18 20:42:55 CEST 2007

Previous message: ipfw keep-state
Next message: ipfw keep-state
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dan Lukes wrote:
> Juraj Belák wrote:
>> Aky je prakticky rozdiel (vzhladom na traffic) medzi
> 
>> ipfw add allow tcp from me to any 1000 keep-state
> 
>> a
> 
>> ipfw add allow tcp from me to any 1000
>> ipfw add allow tcp from any 1000 to me
> 
> ipfw add allow tcp from me to any 1000 setup
> ipfw add allow tcp from any 1000 to me established

ja by som odporucil check-state, resp, stateful firewall. povodny
pytajuci sa ma za domacu ulohu zistit rozdiel medzi stateful a stateless
firewallom. a mozno pride aj na to, preco je NAT v ipfw taky pomaly :-)

otis

-- 
Juraj Lutter                            |  /\  ASCII Ribbon Campaign
otis (at) wilbury.sk                    |  \/  - NO HTML/RTF in e-mail
http://www.wilbury.sk/                  |  /\  - NO Word docs in e-mail

Previous message: ipfw keep-state
Next message: ipfw keep-state
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list