> A quick glance raises this question about net.inet.tcp.blackhole,
> net.inet.udp.blackhole, IPSTEALTH, and TCP_DROP_SYNFIN. I'm sure there
> are others.
I agree for the IPSTEALTH and TCP_DROP_SYNFIN options, but *.blackhole
options are quite useful if you want to open a range of port (for
example FTP passive port range) without appearing as non-firewalled.
This feature cannot be achieved using one of the available packet
filters on FreeBSD.
Regards,
--
Jeremie LE HEN aka TtZ/TataZ [EMAIL PROTECTED]
[EMAIL PROTECTED]
Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
