[ale] V6 question

Paul Cartwright ale at pcartwright.com
Wed Feb 9 15:06:20 EST 2011


On 02/09/2011 02:56 PM, Michael H. Warfield wrote:
>> it says "Built-in NAT Firewall. Is that JUST NAT, or is that a real
>> >  firewall??
>>      
> It may have a real explicit separate firewall or it may have it simply
> that the statefulness of the NAT is performing that function.  If you
> look at netfilter (iptables) you'll find the NAT is a feature of
> netfilter.  That is your firewalling logic.  It's the same state
> tracking in iptables that drives the NAT logic as drives the stateful
> filtering.  That's a lot of the source of the confusion.  If you simply
> eliminated the NAT and left the state engine and stateful filtering, it
> would still be just as secure.
>
>    
well, I also have:
+++-==============-==============-============================================
ii  shorewall      4.4.11.6-3~bpo Shoreline Firewall, netfilter configurator



-- 
Paul Cartwright



More information about the Ale mailing list