Hi HuXiaofeng, you wrote:
> Build a secure firewall needs the mixture use of packet filters and
> application gateways.
and a audit tool to check the work of your firewall !
> Since Linux has implemented the packet filter,my task
> is to write an application gateway.It's not a easy work,isn't it?I plan to
> begin with a certain existing firewall as a model,and adding the needed
> functions to it.
i use Linux at all
ipfwadm for the packet-filter-rules,
rinetd for application proxy,
masquerading for outgoing traffic and
sniffit with my own filter-plugin for auditing
> I would be most grateful if you could answer the following questions:
>
> What functions and features most application gateways have,and what's the
> trends in it?
if the firewall have many feature, it is possible to have many bugs within
features. ;-)
if you need a feature, search for a good product for this feature.
> Which existing firewall would be the best one to beging with?
i only use security software which a can see the source.
all other software are Trojan-horse. ;-)
--
------------------------------------------------------------------------
Edwin Cremer
[EMAIL PROTECTED] PGP-Key-ID: 3AF75CD9
PGP-Key-fingerprint: 22 D7 06 43 3E 04 3F FA D4 7A 67 EA 6B 70 60 25
------------------------------------------------------------------------
"Only wimps use tape backup: _real_ men just upload their important stuff
on ftp, and let the rest of the world mirror it."
Linus Torvalds:
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
