Re: linux firewal question (newbie)

[James Croall <jcroall () tis com>]

> > TIS runs on BSDI, SOLARIS, HPUX, and NT.  There are some differences between
> > the UNIX platforms and the NT platforms.
> >
> > You can download FWTK for linux and TIS used to have some good links to
> > various plugs, proxies, etc.. for the FWTK.
>
> FWIW, I've read comments somewhere from someone who has _ported_ Gauntlet
> to run on Linux (yes, they had already bought it to run on other systems
> but because they got the source, they were able to make it run elsewhere,
> I assume).  I cannot put a name or date to when that was.  The comments
> about the porting effort went along the lines of it wasn't that hard due
> to similarities with the way the Gauntlet kernel changes work and the way
> Linux worked/works.

At a former employer I ported Gauntlet 4.0a (mostly) to Linux. The libraries
and proxies are an easy port, the kernel services are a little more work (no,
I didn't have a BSDI & Gauntlet kernel source license).

In the end I had a Gauntlet running on Linux, with packet filtering and
transparent proxies provided by the standard ipfw code (these days I would
use Darren's code). A (broken) swIPe implementation is available for Linux,
although I didn't bother with that; swIPe isn't very robust compared to the
other things out there today.

So it *is* possible, although I'm not sure it's worth the effort. There is
a large amount of contributed code for the FWTK, it's a pretty rich platform
if you want to go that route.

- James