search for: rulebase

Hi There, I've been having an issue trying to figure out a way to policy route outbound packets from a multihomed machine through the proper interface using IPFW to no avail. I've tried several different incantations of IPFW fwd/forward statements, and none of them seem to do the trick. Basically, I have a host that has multiple Internet connections. This host is running FreeBSD 4.9

I'm thinking of using jails to improve security on a server I am setting up. Specifically, I would like to put Apache/PHP in a jail, but I might like to set up 2-3 different jails for different purposes. I've found several examples showing how to set the jails up. My questions involve system requirements. Assuming plenty of disk space, 1GB ram and a dual processor PIII 1.13Ghz

Hello list, I want to make a large rulebased algorithm, to provide decision support for drug prescriptions. I have defined the algorithm in a function, with a for loop and many if statements. The structure should be as follows: 1. Iterate over a list of drug names. For each drug: 2. Get some drug related data (external dataset). Row of a dat...

Hi, I was wondering how a linux box configured as a firewall stacked up against some of the commercial products like checkpoint-1 and gauntlet. Can someone direct me to a good book or online doc that compares linux to some other firewall methods? Mind you, I''m not talking about a firewall in the classical sense, ie ip forwarding turned off and used as a proxy, but the typical Linux box

http://bugzilla.mindrot.org/show_bug.cgi?id=277 ------- Additional Comments From stevesk at pobox.com 2002-06-15 14:19 ------- i don't know what this is: debug1: Credentials Expired debug1: proxy expired: run grid-proxy-init or wgpi first File=/tmp/x509up_u500

We're supposed to provide redundant firewall service. I'm wondering if anyone has ever tried to do this and if it's realistic. Basically 2 firewall machines hooked up so if one fails the other will transparently step in. I've googled it to death without much luck. The security issue here lies in that the 2 firewalls can't talk to each other. So if I'm keeping state on

OK, an official OpenSSH advisory was released, see here: <URL: http://www.mindrot.org/pipermail/openssh-unix-announce/2003-September/000063.html > The fix is currently in FreeBSD -CURRENT and -STABLE. It will be applied to the security branches as well today. Attached are patches: buffer46.patch -- For FreeBSD 4.6-RELEASE and later buffer45.patch -- For FreeBSD 4.5-RELEASE and

I have multiple locations running * where all the phone are on their own lan and all the data is on a separate lan. The problem is they are sharing the same dsl connection. The locations are IAX2 trunked together, but it only takes one data down/up load to just kill the voice. What I am looking for is a small switch with QoS that I can stick in ahead of the dsl modem. Plug in one connection from

...@rmc1.crocker.com>, "Matthe w S. Crocker" writes: +----- | > I am the Firewall-1 administrator where I work and it has a very nice | > GUI tool for defining objects (can be hosts, networks, DNS domains, | > groups of hosts, etc.) and a straightforward way of building a | > rulebase. | | Doesn''t Firewall-1 do VPN? Virus scanning (optional), HTTP scanning | (virus/content optional) QoS. +--->8 You could probably come up with modules to do these kinds of things in connection with ipchains, but technically Linux''s solution is a packet filter, not a firewa...

I'm setting up a server where I plan to use Jails to improve security I also have installed and am configuring ipfilter. Here are my questions: Because I'm using Jails, I will have to have multiple ip aliases on the network interface. I will use ipfilter to specify what can go to each of the addresses. (e.g., allow only incoming to port 80 on the jail running apache). Another