> From: Henrik Nordstrom <[EMAIL PROTECTED]>
> In my opinion, if you do "syncookie" in a firewall then the TCP should be
> terminated there, with another TCP in to the real server. I.e. a proxy
> solution.
Why do you think that's better than simply forwarding packets with
sequence/ack# translation?  Surely it's less efficient.  And it raises
questions about how much data to buffer between the two and how that
can be controlled.
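
A sketch of what the sequence/ack# translation mentioned in the reply involves, as an added example that is not part of the original thread or any firewall's code. It assumes the firewall replays the client's own ISN toward the server, so only the server-side numbering is shifted; TCP options that carry sequence numbers (such as SACK blocks) are not handled, and all names and values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* seq, ack and checksum of one TCP segment (hypothetical, host byte order). */
struct tcp_nums { uint32_t seq, ack; uint16_t check; };

static uint16_t fold(uint32_t sum) {
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)sum;
}

/* Checksum over seq and ack only, standing in for the full segment sum. */
uint16_t csum_nums(uint32_t seq, uint32_t ack) {
    return (uint16_t)~fold((seq >> 16) + (seq & 0xffff) + (ack >> 16) + (ack & 0xffff));
}

/* Incremental checksum update for one 32-bit field (RFC 1624, eqn. 3). */
uint16_t csum_replace32(uint16_t check, uint32_t from, uint32_t to) {
    uint32_t sum = (uint16_t)~check;
    sum += (uint16_t)~(from >> 16) + (uint16_t)~(from & 0xffff);
    sum += (to >> 16) + (to & 0xffff);
    return (uint16_t)~fold(sum);
}

/* Offset between the server's ISN and the ISN the firewall handed out. */
uint32_t splice_delta(uint32_t fw_isn, uint32_t srv_isn) {
    return srv_isn - fw_isn;              /* unsigned wraparound is intended */
}

/* Client -> server: ack refers to the firewall's numbering, so shift it up. */
struct tcp_nums to_server(uint32_t delta, struct tcp_nums p) {
    p.check = csum_replace32(p.check, p.ack, p.ack + delta);
    p.ack += delta;
    return p;
}

/* Server -> client: seq is in the server's numbering, so shift it down. */
struct tcp_nums to_client(uint32_t delta, struct tcp_nums p) {
    p.check = csum_replace32(p.check, p.seq, p.seq - delta);
    p.seq -= delta;
    return p;
}

int main(void) {   /* constructed values: firewall ISN just below 2^32 */
    uint32_t d = splice_delta(0xFFFFFF00u, 0x00001000u);
    struct tcp_nums c = { 0x12345679u, 0xFFFFFF01u, 0 };
    c.check = csum_nums(c.seq, c.ack);
    c = to_server(d, c);
    printf("delta=%#x ack=%#x check=%#x\n", (unsigned)d, (unsigned)c.ack, (unsigned)c.check);
}
```

The per-connection state is a single 32-bit delta, and no payload is held by the firewall, which is the buffering question the reply raises about the proxy approach.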
