From: Grant Taylor <gtaylor@riverviewtech.net>
To: Mail List - Netfilter <netfilter@vger.kernel.org>
Subject: Re: Query: Can Netfilter inspect xml soap traffic
Date: Tue, 25 Mar 2008 15:13:25 -0500 [thread overview]
Message-ID: <47E95CE5.2020402@riverviewtech.net> (raw)
In-Reply-To: <m3abkmy3ug.fsf@ursa.amorsen.dk>
On 03/25/08 14:56, Benny Amorsen wrote:
> Anyway, with the Level-7 match or Deep Packet Inspection or whichever
> buzz words you prefer, packet filters are closer in capabilities than
> ever before. At the same time application level proxies are faster
> than ever before. It's hard to pick a winner.
Very good point.
I suppose one thing to think about is who is going to maintain what.
Developers would probably be able to maintain (add / change / delete
rules) an ALG better where as network administration staff would
probably be able to maintain a hardware firewall better. Of course, why
not use some of each. Use the hardware firewall for the lower end
simpler aspects of it while using the ALG for the higher end more
specific aspects. Let the hardware ASICs do what they do best while
letting the ALG do what it does best.
Grant. . . .
next prev parent reply other threads:[~2008-03-25 20:13 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-25 15:01 Query: Can Netfilter inspect xml soap traffic william fitzgerald
2008-03-25 16:42 ` Grant Taylor
2008-03-25 17:04 ` william fitzgerald
2008-03-25 17:25 ` Grant Taylor
2008-03-25 17:33 ` Grant Taylor
2008-03-25 17:35 ` Grant Taylor
2008-03-25 19:56 ` Benny Amorsen
2008-03-25 20:13 ` Grant Taylor [this message]
2008-03-26 16:39 ` william fitzgerald
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47E95CE5.2020402@riverviewtech.net \
--to=gtaylor@riverviewtech.net \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox