cvs commit: src/sys/netinet ip_fastfwd.c ip_input.c ip_var.h
Jeremie LE HEN
le-hen_j at epita.fr
Mon May 10 03:51:52 PDT 2004
> A quick glance raises this question about net.inet.tcp.blackhole,
> net.inet.udp.blackhole, IPSTEALTH, and TCP_DROP_SYNFIN. I'm sure there
> are others.
I agree for the IPSTEALTH and TCP_DROP_SYNFIN options, but *.blackhole
options are quite useful if you want to open a range of port (for
example FTP passive port range) without appearing as non-firewalled.
This feature cannot be achieved using one of the available packet
filters on FreeBSD.
Regards,
--
Jeremie LE HEN aka TtZ/TataZ jeremie.le-hen at epita.fr
ttz at epita.fr
Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
More information about the freebsd-net
mailing list