Bill Marquette wrote:
On 2/27/06, Adam Gibson <[EMAIL PROTECTED]> wrote:
Gregory Machin wrote:
Hi
Please could you advise / confirm that the php interface and its
associated code are under bsd license ?
As I would like to port it to linux for use on my vpn servers ..
If you get anywhere and are ok with releasing any part of the source,
let me know. There are some features of iptables that I would like to use.
like?
Just a few that come to mind.
- static UDP source ports by default. No need to create special NAT
mappings with pfsense which is cumbersome. This solves problems hosting
game servers (where the master server uses the source port that it
receives from the game server when listing the game server to others).
Note that m0n0wall can't support this at all from all the information I
have found currently because the packet filter in 4.x bsd doesn't
support it. The static-port option was created as a pf feature in some
version of 5.x bsd and not ipf.
- Time rules without needing scripts or cron jobs.
- conntrack(nat) modules for irc, amanda, netbiosns, and many other
modules to make protocols work or work better by default without needing
helper applications to get them working behind NAT.
- Ability to pick from a bunch of extra features in patch-o-matic for
even more nat modules and such.
- different logging features. Ability to put a text description in
syslog logging messages for firewall rules.
- Ability to push accept/drop/reject decisions to userspace using ipq.
Imagine a firewall that blocks everything by default and then when you
run the firewall administration web page, any new connections will be
displayed and allow the user to accept or deny it so that the user can
automatically generate rules based on that information. I mainly use
this for creating zonealarm type functionality on Linux currently where
a GUI X window comes up asking the user to allow or reject any
incoming or outgoing connections.