Re: why must linux for halted firewall?


 



Cedric Blancher wrote:
On Tue 16/09/2003 at 19:46, Jim Carter wrote:
  
I'm not sure what you mean by a "halted firewall".  Do you mean that the
kernel uses the "halt" instruction when there is no work to do?
    

Nope.
A halted firewall is a firewall that is halted, i.e. you have executed
the "halt" command. Box is configured not to send halt signal to ATX supply
so it is still powered and network stuff is not killed (interfaces up,
ruleset not flushed, etc.). As kernel is still alive, your box can
continue its routing/filtering tasks as they're handled within kernel.

But, you won't have the ability to log onto the firewall to update rules
or have applications running (no logs).

  

What would be the benefit in configuring a system like this? It seems to run contrary to the evolution of IT appliances where you can configure and manage everything usually without restarting (firewalls, switches, print servers, even UPS units). I don't get it ;-)
