Re: FW: Firewall Project

To: Brent Fulgham <brent.fulgham@xpsystems.com>
Cc: Debian-Devel <debian-devel@lists.debian.org>
Subject: Re: FW: Firewall Project
From: Jules Bean <jules@jellybean.co.uk>
Date: Tue, 22 Aug 2000 00:10:53 +0100
Message-id: <[🔎] 20000822001052.B955@pear.presence.net.uk>
In-reply-to: <[🔎] EDFD2A95EE7DD31187350090279C6767D50700@THRESHER>; from brent.fulgham@xpsystems.com on Mon, Aug 21, 2000 at 11:57:53AM -0700
References: <[🔎] EDFD2A95EE7DD31187350090279C6767D50700@THRESHER>

On Mon, Aug 21, 2000 at 11:57:53AM -0700, Brent Fulgham wrote:
> > > Can anyone comment on why Linux would be unsuitable for firewall use
> > > in this configuration?
> > 
> >     Can you explain what an `active' packet is?
> > 
> 
> That's my question as well.  I can't find any reference to an "active"
> packet definition.  Could he mean some kind of "keep-alive" configuration?

My guess (and it's only a guess) is that an 'active' packet (from the
AS/400s point of view) is one sent down a connection that the AS/400
initiates, whilst a 'passive' packet is one sent down a connection
initiated by the other end.

In some primitive firewalling schemes connections can only be
initiated in one directions (typically, in the case of a corporate
firewall, only outbound connections).

Needless to say, there is no 'limitation' of Linux in this respect ---
a Linux firewall can be configured to forward and/or rewrite packets
in any way desired.

Jules

-- 
Jules Bean                          |        Any sufficiently advanced 
jules@debian.org                    |  technology is indistinguishable
jules@jellybean.co.uk               |               from a perl script

Reply to:

References:
- RE: FW: Firewall Project
  - From: Brent Fulgham <brent.fulgham@xpsystems.com>

Prev by Date: Re: Compare .deb file to filesystem
Next by Date: Linux PowerDVD
Previous by thread: RE: FW: Firewall Project
Next by thread: List 'linux-il' closed to public posts
Index(es):
- Date
- Thread