> Date: Tue, 26 Mar 2002 15:47:39 -0500
> From: Matthew Nuzum <[EMAIL PROTECTED]>
> I believe that every router can do this, even Linux.
Yes, good point. A Windows box could theoretically do it... not
that I'd ever want to. :-)
> Also, just because you use NAT doesn't mean you can't have a
> public IP address. As a matter of fact, NAT (by literal
> definition) implies that every host behind a router has an
> addressable IP on a 1 to 1 ratio. There is no rule that your
Huh? NAT can be 1:1, 1:many, many:many, or many:1.
> ?AT router has to protect only computers with private IPs. If
> your router is the gateway router between your subnet and the
> Internet and has the ability to handle rules (aka is a
> "firewall" in addition to a router) then it shouldn't matter
> what your ip addresses are.
I think that Jeff was saying that he valued his sanity more than
to mess with port forwarding, evil DNS, and non-standard ports.
> Of course all of that is moot if you the Internet or your NAT
> users can can bypass your router. I have traditionally used
> Cisco routers for doing this kind of work. Never-the-less, I
> know that Linux can do it (in all 2.x kernels I believe) and
> I've done it with FreeBSD 3.3.
FreeBSD actually has two approaches: ipfw and ipf
OpenBSD: ipf before OBSD 2.9, pf starting with 3.0
Linux 2.0: ipfwadm
Linux 2.2: ipchains
Linux 2.4: I forget the name
I've used FBSD 3.3-4.5, OBSD 2.6-3.0, and Linux 2.0 and 2.2, as
well as IOS... not to mention little turnkey and embedded router/
firewall devices.
Many people use a cute little saying in their .signature files
that I think I'll throw in:
I route, therefore you are
:-)
Eddy
Brotsman & Dreger, Inc. - EverQuick Internet Division
Phone: +1 (316) 794-8922 Wichita/(Inter)national
Phone: +1 (785) 865-5885 Lawrence
--
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots. Do NOT
send mail to <[EMAIL PROTECTED]>, or you are likely to be blocked.
_______________________________________________
cobalt-developers mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-developers
