[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenBSD Firewalls

To: "S9" <km@themcminns.com>,"Milhomem, Marcus" <Marcus_Milhomem@bmc.com>, <misc@openbsd.org>
Subject: Re: OpenBSD Firewalls
From: Mike Shaw <mshaw@wwisp.com>
Date: Wed, 02 Oct 2002 09:32:24 -0500
References: <135B28260785D411B1DD00A0C9EBE303088CC48C@ES08-HOU.bmc.com>

At 09:44 PM 10/1/2002 -0700, S9 wrote:
> > my rules are becoming very complex and I am afraid
> > of start making mistakes because of the complexity
> > of my rules.
>
>how complex? Even in large deployment scenarios,
>I've found ways to keep firewalls manageable
>one way or another by using preset interface
>security levels (a Cisco PIXish notion). Implementing
>it in pf is just a matter of default block statements.

Do you mind forwarding some cleansed examples?  I'm interested in the nuts 
and bolts of how you are doing this.

Thanks.
-Mike

Follow-Ups:
- Re: OpenBSD Firewalls
  - From: Saad Kadhi <bsdguy@docisland.org>
- Re: OpenBSD Firewalls
  - From: "S9" <km@themcminns.com>

References:
- OpenBSD Firewalls
  - From: "Milhomem, Marcus" <Marcus_Milhomem@bmc.com>
- Re: OpenBSD Firewalls
  - From: "S9" <km@themcminns.com>

Prev by Date: Re: SSG - Service Selection Gateway.
Next by Date: Re: Updating nat when external ip address changes
Prev by thread: Re: OpenBSD Firewalls
Next by thread: Re: OpenBSD Firewalls
Index(es):
- Date
- Thread