Suggestion regarding a new option for IPFW2

[Michael Sierchio]

Sten Daniel Sørsdal wrote:

> are you by any chance using NAT? if you are, then the firewall
> does not need masking (it already has the public ip and this option
> would be of little/no use).
> if not, then you still have the issue of firewalls presence being 
> easily spotted.
> 
> Thank you for your comments!

I can see value in using a firewall in bridging mode, in which
case sending ICMP messages might use an alias address not associated
with any interface -- if there are no IP addrs on the external interface,
for example.