[FUGSPBR] qual regra 'pega' primeiro??
Alexandre Vasconcelos
alexandre em sspj.go.gov.br
Ter Jul 9 14:46:52 BRT 2002
irado furioso com tudo wrote:
> bem, se de repente eu tivesse realmente completamente alucinado, e
> resolvesse 'misturar' ipf com ipfw, qual regra prevalece?? Ou seja, se
> eu fizer:
>
> ipfw deny 001 allow all from any to any..
>
> e, logo após colocar um monte de regras ipf, estas (ipf) são
> acessíveis primeiro ou aquela??
>
> algum capriotti já terá experimentado com isso (opsss.. quero dizer,
> especialista) pra nos dizer?
> http://www2.fugspbr.org/mailman/listinfo/fugspbr
Irado,
Primeiro IPFW, depois IPF..
Referência
http://home.earthlink.net/~jaymzh666/ipf/index.html
(FAQ do IPF):
14. IPF and IPFW both have features I want to use, must I choose between
them?
No. You can run them both on a single machine. However, you must take
care to ensure that one package's rules do not interfere with the
other's. Note that the packages get access to rules in the order in
which they were loaded, e.g. if IPFW is compiled in the kernel and IPF
is loaded as a module, IPFW "sees" packets before IPF.
15. Won't this slow down processing packets? By how much?
Yes. How much depends much more on your particular situation than any
intrinsic issues. People who have done this have reported that it does
not meaningfully impact overall firewall performance.
[]'s
--
%--------------------------%
| Alexandre Vasconcelos |
| Sys Admin, learner. |
| SSPJ/GO |
| Power, Security, Freedom |
| http://www.freebsd.org |
%--------------------------%
________________________________________________
Para sair da lista visite o URL abaixo:
http://www2.fugspbr.org/mailman/listinfo/fugspbr
Mais detalhes sobre a lista de discussão freebsd