From: Jeffrey Laramie <JALaramie@Loudoun-Fairfax.com>
To: Cedric Blancher <blancher@cartel-securite.fr>
Cc: Jim Carter <jimc@math.ucla.edu>,
Chua Boon Ping <nitb@hotmail.com>,
netfilter@lists.netfilter.org
Subject: Re: why must linux for halted firewall?
Date: Tue, 16 Sep 2003 14:55:28 -0400 [thread overview]
Message-ID: <3F675CA0.9010107@Loudoun-Fairfax.com> (raw)
In-Reply-To: <1063736809.783.62.camel@elendil.intranet.cartel-securite.net>
[-- Attachment #1: Type: text/plain, Size: 1020 bytes --]
Cedric Blancher wrote:
>Le mar 16/09/2003 à 19:46, Jim Carter a écrit :
>
>
>>I'm not sure what you mean by a "halted firewall". Do you mean that the
>>kernel uses the "halt" instruction when there is no work to do?
>>
>>
>
>Nope.
>An halted firewall is a firewall that is halted, i.e. you have executed
>"halt" command. Box is configured not to send halt signal to ATX supply
>so it is still powered and network stuff is not killed (interfaces up,
>ruleset not flushed, etc.). As kernel is still alive, your box can
>continue it's routing/filtering tasks as they're handled within kernel.
>
>But, you won't have the ability to log onto the firewall to update rules
>or have applications running (no logs).
>
>
>
What would be the benefit in configuring a system like this? It seems to
run contrary to the evolution of IT appliances where you can configure
and manage everything usually without restarting (firewalls, switches,
print servers, even ups units). I don't get it ;-)
[-- Attachment #2: Type: text/html, Size: 1474 bytes --]
next prev parent reply other threads:[~2003-09-16 18:55 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-09-15 3:16 why must linux for halted firewall? Chua Boon Ping
2003-09-16 17:46 ` Jim Carter
2003-09-16 18:26 ` Cedric Blancher
2003-09-16 18:55 ` Jeffrey Laramie [this message]
2003-09-16 19:07 ` Re[2]: " Peteris Krumins
2003-09-16 19:11 ` Cedric Blancher
2003-09-16 19:33 ` Nox
2003-09-16 20:15 ` Cedric Blancher
-- strict thread matches above, loose matches on Subject: below --
2003-09-16 19:16 Daniel Chemko
2003-09-16 20:12 ` Jeffrey Laramie
2003-09-16 19:43 Chua Boon Ping
2003-09-16 21:58 ` Nox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F675CA0.9010107@Loudoun-Fairfax.com \
--to=jalaramie@loudoun-fairfax.com \
--cc=blancher@cartel-securite.fr \
--cc=jimc@math.ucla.edu \
--cc=netfilter@lists.netfilter.org \
--cc=nitb@hotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox