Subject: Re: r/o filesystem restrictions for firewall?
To: Jon Lindgren <jlindgren@slk.com>
From: David Maxwell <david@vex.net>
List: port-sparc
Date: 10/25/2000 10:49:33
On Tue, Oct 24, 2000 at 06:39:10AM -0400, Jon Lindgren wrote:
> I was hoping to do something like bridging w/ipf - that way I wouldn't
> have to assign the firewall box an IP addr, so I could be a bit happier
> that the box was less likely to be cracked.  But, since NetBSD doesn't do
> bridging yet, I'm stuck (I want to stay with NetBSD).  So ipf/ipnat sounds
> like my only alternative.

There was a message not so long ago - I believe from Jason, about
moving some IP checksum code around in order to facilitate import of
bridging code.

I've searched and can't find the note, but that's what I remember.

-- 
David Maxwell, david@vex.net|david@maxwell.net --> Mastery of UNIX, like
mastery of language, offers real freedom. The price of freedom is always dear,
but there's no substitute. Personally, I'd rather pay for my freedom than live
in a bitmapped, pop-up-happy dungeon like NT. - Thomas Scoville