On Sat, Mar 03, 2007 at 08:08:36AM +0000, David Hart wrote:
> 
> If you need to manage a half-dozen zones the chances are that you'll
> be doing packet filtering on specialized hardware so shorewall will
> be of no use.
> 
Well, chances are you don't know what you are talking about.  Please go
look at some of the shorewall mailing list archives.  People implement
some very complex configurations with shorewall.  Besides, shorewall
also allows you to do some neat things like have a layer-2 bridge that
also does layer-3 filtering very easily.  Doing layer-3 filtering in a
layer-2 device is technically a violation of the network model, but is
very handy nonetheless.

Regards,

-Roberto
-- 
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com

Attachment: signature.asc
Description: Digital signature

Reply via email to