[3705] in bugtraq
Re: Digital FW2.0 question
daemon@ATHENA.MIT.EDU (Alan Cox)
Wed Nov 27 21:08:40 1996
Date: Wed, 27 Nov 1996 19:40:29 +0000
Reply-To: Alan Cox <alan@lxorguk.ukuu.org.uk>
From: Alan Cox <alan@lxorguk.ukuu.org.uk>
X-To: pd@netlanders.net
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <m0vSUbC-0031ptC@mail.netlanders.net> from "Peter Dieth" at Nov
26, 96 09:59:22 pm
> Why does dec enable ipforwarding and ipgatewaying in a firewall
> configuration with disabled "transparent proxies" ?
The screend daemon is a module change that bounces all the network
packets into user space and back out via screend. In effect ip forwarding
has an extra yes/no/maybe bounce via user space.
> Is there a weakness in the screend or networking code regarding ip
> frags ?
> The box seems to get slower when sending many ip frags to it.
Screend does bounce via user. I don't know what the performance implications
are.
Alan
