On Tue, 5 Jan 2010 20:51:47 +0000 Tony Finch <dot@dotat.at> wrote:
On Tue, 5 Jan 2010, Brian Johnson wrote:
Given this information, and not prejudging any responses, exactly what is a firewall for and when is statefull inspection useful?
Stateful inspection is useful for breaking things in subtle and hard-to-debug ways. http://fanf.livejournal.com/102206.html http://fanf.livejournal.com/95831.html
Your second article (with the pointer to "end-to-end arguments in systems design") reminded me of this thread that came up on the Linux networking development mailing list recently. TCP was flaking out, but if the same traffic was tunnelled over the same connection, all was good. Strange TCP behavior over HSDPA http://www.spinics.net/lists/netdev/msg116809.html
Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD.