|
||||||||
On Thu, 7 Oct 2004 15:40:00 +0200, horst dot ritter at mach dot com <horst dot ritter at mach dot com> wrote: > > > I recommend the m0n0wall to customers which neither have a Cisco or > Checkpoint already in place nor they are able to get such a device. Hence, > I am afraid it is not reasonable to ask each of them to put a second device > in the network. Especially, only to do NAT due to the fact that it won't be > a unique solution for only one customer. Otherwise, I would gladly apply > your proposal. > FWIW, I've worked with my fair share of commercial firewalls, and I don't know any that would do what you've described. > Therefore, I would like to ask if this function is interesting enough to > put it on the "To do/Whishlist"? I'm not intricately familiar with the inner workings of ipf/ipnat, but this sounds like something that would require a lot of work from a kernel hacker to achieve. And for relatively little return, from a demand perspective. There are better things those people could be spending their time on - i.e. things that are much more widely needed. Not saying it isn't a worthy feature, that's just why you'll likely never see it. Someone please correct me if I'm wrong. Sorry I can't offer an "all in one" solution. -Chris |