--On Wednesday, November 15, 2000 10:23 PM +0000 Jim Breton
<[EMAIL PROTECTED]> wrote:
> It just didn't seem to make much sense to me to filter outbound packets,
> but this raises another question: with a stateful packet filter like
> ipfilter, would it not be possible for me to match inbound UDP packets
> to recent outbound packets and only allow those responses in? (Perhaps
> with an expiration of 30 secs or so.) Of course with TCP we can do this
> easily using the SYN flag, but lacking any such feature in UDP, and not
> having any experience (yet) with stateful filtering tools, I wonder if
> this is one of their capabilities.
Yup, it is. Every stateful packet filter I've used allows this.
--
Carson Gaspar - [EMAIL PROTECTED]
Queen trapped in a butch body
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
