On Mon, 26 Feb 2001, Tom Eastep wrote: > George, > > When you are ready for a firewall, I have a follow-on to Seawall running > here. The new firewall is called "Seafall" (so that I don't have to walk a > tightrope to keep Seawall Incorporated off of my back) and is redesigned > from the ground up to take advantage of the capabilities of netfilter and > to avoid many of the problems that I've run into with the old 2.2 > firewall. Bonus. Keep me up to date; I've had house guests for the past two days, so doing work to verify that it now works properly hasn't been an option. > The first version supports a DMZ, Proxy ARP and static NAT with complete > control over the traffic between the outside world, the DMZ and the local > network. > > I'm still testing and trying to put together some documentation but I > should have something that's installable and usable by the end of this > week. *Nod* I'd be glad to give it a test when you do. Let me know. > Since the only connection tracking module currently part of the standard > distribution is FTP, masquerading some applications doesn't work. I also Do you know of any place to get patches for the other modules? I also haven't compiled in VPN support yet either; that'll come when I have the system confirmed working. At that point I'm going to patch in the VPN stuff, add the OpenWall patches - assuming that they're out for 2.4, which I believe they are - and a few other miscellaneous things. I'm thinking about trying to compile a new image from scratch for glibc 2.1, but I don't know if I'm that brave. =) -- George Metz Commercial Routing Engineer [EMAIL PROTECTED] "We know what deterrence was with 'mutually assured destruction' during the Cold War. But what is deterrence in information warfare?" -- Brigadier General Douglas Richardson, USAF, Commander - Space Warfare Center _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-devel
