On Thu, 7 Oct 2004 15:40:00 +0200, horst dot ritter at mach dot com
<horst dot ritter at mach dot com> wrote:
> I recommend the m0n0wall to customers which neither have a Cisco or
> Checkpoint already in place nor they are able to get such a device. Hence,
> I am afraid it is not reasonable to ask each of them to put a second device
> in the network. Especially, only to do NAT due to the fact that it won't be
> a unique solution for only one customer. Otherwise, I would gladly apply
> your proposal.
FWIW, I've worked with my fair share of commercial firewalls, and I
don't know any that would do what you've described.
> Therefore, I would like to ask if this function is interesting enough to
> put it on the "To do/Whishlist"?
I'm not intricately familiar with the inner workings of ipf/ipnat, but
this sounds like something that would require a lot of work from a
kernel hacker to achieve. And for relatively little return, from a
demand perspective. There
are better things those people could be spending their time on - i.e.
things that are much more widely needed.
Not saying it isn't a worthy feature, that's just why you'll likely
never see it.
Someone please correct me if I'm wrong.
Sorry I can't offer an "all in one" solution.