First page Back Continue Last page Summary Graphics
Additional Features
IPv6 is supported
Authentication
- "auth" rules: have a userland daemon authorize packets
- "preauth" rules: use a separate rulebase in the kernel, each rule with its own timeout, that is filled upon successful authentication by a user
Call in-kernel function when a packet matches (yuck!)
IPSec kernel proxy for NAT (broken, no SPI dependency)
Notes: