On 1/5/10 2:01 PM, Peter Hicks wrote:
Tony Finch wrote:
Stateful inspection is useful for breaking things in subtle and hard-to-debug ways.
http://fanf.livejournal.com/102206.html http://fanf.livejournal.com/95831.html
Is that really stateful inspection? Isn't the SMTP fixup on a PIX an application-level gateway?
I *though* most of the world turns SMTP fixup off because it's naff.
It is a ALG, and a completely braindead one at that. Nothing like trying to figure out what an error message means when its just... XXX ****************************************************** The PIX's fixup for DNS packets have been causing issues on my end too in one setup. -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org