Internal recursive nameserver access
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Tue Aug 26 21:05:49 UTC 2003
Ladislav Vobr <lvobr at ies.etisalat.ae> wrote:
> :-) I put it wrong, and I am very sorry for this. I thought layer 4
> firewall, which can just filter upd traffic based on the port, and the
> source address, without keeping states of application specific
> request/reply relation. UDP itself is completely stateless protocol.
> Ladislav
Ok, let's start with the phrase "layer 4 firewall". It's to me a signal
of someone not understanding the function of a firewall.
I'll give two suggestions, one free and one expensive :
OpenBSD + pf Included in "base distribution", stateful and several
nice extra features ( like traffic shaping and normalizing ( configurable).
Second suggestion : FW-1
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list