[ previous ] [ next ] [ threads ]
 
 From:  Christian Rohmann <Christian dot Rohmann at gmx dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Monowall , Firewall Full-State ??
 Date:  Mon, 30 May 2005 15:59:44 +0200
Heading this way is not an option, it's in some cases a must. Not having 
application level support for NAT drops the possiblitiy to use FTP for 
example.
I'd really love to see those application-level NAT things able to be 
turned off and on (making it more transparent for the admin).


Take care

Christian



Quark IT - Hilton Travis wrote:

>Hi Chris,
>
>  
>
>>-----Original Message-----
>>From: Chris Buechler [mailto:cbuechler at gmail dot com] 
>>Sent: Monday, 30 May 2005 10:06
>>
>>On 5/29/05, Nans Delrieu <delrieu dot nans at laposte dot net> wrote:
>>    
>>
>>>Hello
>>>I would like to know if monowall has a firewall full-state
>>>      
>>>
>>It's stateful on all rules, but that's not what you're asking.  
>>
>>
>>    
>>
>>>For example, is it possible to use protocol like H323 ?? 
>>>the port used are dynamic and is the FW is able to support 
>>>this ?
>>>      
>>>
>>NAT-unfriendly protocols like H.323 generally aren't very well
>>supported since there aren't many ALG's (application layer gateways)
>>in m0n0wall, though I don't know specifically about H.323.
>>    
>>
>
>Speaking of Application level firewalling, is there any chance that you
>can see m0n0wall heading down this road?  I'll also (obviously) ask the
>same question of Manuel.  :)
>
>--
>
>Regards,
>
>Hilton Travis                          Phone: +61 (0)7 3344 3889
>(Brisbane, Australia)                  Phone: +61 (0)419 792 394
>Manager, Quark IT                      http://www.quarkit.com.au
>         Quark AudioVisual             http://www.quarkav.net
>
>http://www.threatcode.com/ <-- its now time to shame poor coders 
>into writing code that is acceptable for use on today's networks
>
>War doesn't determine who is right.  War determines who is left.
>
>This document and any attachments are for the intended recipient 
>  only.  It may contain confidential, privileged or copyright 
>     material which must not be disclosed or distributed.
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>  
>