Are you sure that the "forward with replies" in the GUI is stateful? I was
under the impression that it just filtered statically on the ACK bit.
Additionally, I'm pretty sure that there is nothing that you can do via the
GUI that you can't do by editing the config files directly.

It's a minor point anyway. The real question is this - why are you using
Gauntlet if you're permitting traffic via the packet filtering engine?
Gauntlet is an ALG (Application Level Gateway). If you permit traffic via
the filter that would normally get passed to one of the app proxies then it
goes straight through without any inspection. 

Are you positive that what you want can't be done with a plug proxy? AFAIK
the only reason that they have the ugly packet filter is to block certain
types of traffic at the shim driver level to offer a level of protection for
the host stack.

Cheers,

--
Ben Nagy
Network Consultant, Volante IT
PGP Key ID: 0x1A86E304  Mobile: +61 414 411 520 

> -----Original Message-----
> From: Mordechai T. Abzug [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, 24 May 2000 10:15 AM
> To: [EMAIL PROTECTED]
> Subject: gauntlet 5.0 stateful filtering and netperm-table
> 
> 
> 
> Gauntlet 5.0 has stateful packet filtering via the GUI ("forward with
> replies") but doesn't seem to have it when editing netperm-table
> directly ("authenIP" with "forward" seems to only have permit, deny,
> and absorb.)  The GUI creates a line with "FilterAll-FSA" in
> gauntlet.conf when doing stateful filtering, but this didn't seem to
> help in netperm-table.  Is there any way to get netperm-table in 5.0
> to do stateful filtering?  If not, is this improved in 5.5?
> 
> TIA.
> 
> - Morty
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> 