Rework of firewall chapter start
Simon L. Nielsen
simon at FreeBSD.org
Thu Dec 16 23:06:37 UTC 2004
On 2004.12.16 11:50:15 +0000, Nik Clayton wrote:
> I've always understood a firewall to be a combination of one or more
> technologies, implemented in a manner that provides security.
>
> For example, a corporate firewall might consist of a packet filter, a
> mail scanning system, and an HTTP proxy.
>
> What the chapter (and the patch) are talking about so far is (just) a
> packet filter. Now a packet filter can, on its own, be the only
> technology used to implement a firewall. But to my mind the distinction
> is still important.
Yes, I agree that the distinction between packet/network-level
firewalls and proxy/application-level firewalls is important and
should be explained.
I did think about writing something about the topic, but I didn't
simply because I want to take one thing at the time.
If somebody else feel like writing about this please speak up so we
avoid duplicate work.
> Of course this could just be me being an old fart...
I don't think so :-).
--
Simon L. Nielsen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-doc/attachments/20041217/176d8c09/attachment.sig>
More information about the freebsd-doc
mailing list