[ale] V6 question
Paul Cartwright
ale at pcartwright.com
Wed Feb 9 15:06:20 EST 2011
On 02/09/2011 02:56 PM, Michael H. Warfield wrote:
>> it says "Built-in NAT Firewall. Is that JUST NAT, or is that a real
>> > firewall??
>>
> It may have a real explicit separate firewall or it may have it simply
> that the statefulness of the NAT is performing that function. If you
> look at netfilter (iptables) you'll find the NAT is a feature of
> netfilter. That is your firewalling logic. It's the same state
> tracking in iptables that drives the NAT logic as drives the stateful
> filtering. That's a lot of the source of the confusion. If you simply
> eliminated the NAT and left the state engine and stateful filtering, it
> would still be just as secure.
>
>
well, I also have:
+++-==============-==============-============================================
ii shorewall 4.4.11.6-3~bpo Shoreline Firewall, netfilter configurator
--
Paul Cartwright
More information about the Ale
mailing list