Internal recursive nameserver access

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Tue Aug 26 21:05:49 UTC 2003


Ladislav Vobr <lvobr at ies.etisalat.ae> wrote:
> :-) I put it wrong, and I am very sorry for this. I thought layer 4 
> firewall, which can just filter upd traffic based on the port, and the 
> source address, without keeping states of application specific 
> request/reply relation. UDP itself is completely stateless protocol.

> Ladislav

Ok, let's start with the phrase "layer 4 firewall". It's to me a signal 
of someone not understanding the function of a firewall.

I'll give two suggestions, one free and one expensive :


OpenBSD + pf   Included in "base distribution", stateful and several
nice extra features ( like traffic shaping and normalizing ( configurable).

Second suggestion : FW-1



-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.


More information about the bind-users mailing list