Firewall Wizards mailing list archives

Re: Programming Firewalls

From: ark () eltex ru
Date: Thu, 14 Jan 1999 20:49:48 +0300

nuqneH,

Some fwtk-style firewalls like Gauntlet and V-One do work on 'dose
(although i see no reason to..)

Rick Murphy <rmurphy () mitretek org> said :

"John Byrne" <COM40017 () PAT ITCARLOW IE> writes:

I've got the source code for the FWTK but it's not all that easy to
port over Windows.  Any help would be greatly appreciated because
I've ran into all dead ends so far.


You wouldn't want to try to use the FWTK proxies on Windows - it'll run
like molasses.
The fwtk proxies fork a new process for every connection; that makes sense
on a UNIX
platform because UNIX systems have fairly low process creation cost. For
Windows,
you want to avoid process creation as much as possible. You'll have to
rewrite everything
to be multithreaded, which means fixing all the dangling memory and FD
leaks and recoding
all the "input is FD #0" assumptions all over the code.  You're in for a
LOT of work.
      -Rick


                                     _     _  _  _  _      _  _
 {::} {::} {::}  CU in Hell          _| o |_ | | _|| |   / _||_|   |_ |_ |_
 (##) (##) (##)        /Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|
 [||] [||] [||]            Do i believe in Bible? Hell,man,i've seen one!

Current thread:

Programming Firewalls John Byrne (Jan 12)
- Re: Programming Firewalls Matt Curtin (Jan 13)
  - Re: Programming Firewalls dreamwvr (Jan 15)
- <Possible follow-ups>
- Re: Programming Firewalls Rick Murphy (Jan 14)
- Re: Programming Firewalls ark (Jan 15)
- Re: Programming Firewalls Rick Murphy (Jan 18)
  - Re: Programming Firewalls carson (Jan 19)