[unisog] IPTables as high banwidth firewall

Josh Ballard bal at ksu.edu
Mon Aug 1 20:11:16 GMT 2005

Actually, I've had great success with using netfilter on Linux to do
high volumes of traffic to do firewalling and filtering, especially
doing peer-to-peer filtering stuff, but it would work great for most
things, especially stuff you can't accomplish well in a commercial
solution.  Now, the only thing I would recommend, as Michael said, is to
 buy really good hardware for this.  On the recommendation of buying a
pix, etc, I've not found firewalls that will do some of the things I'm
doing with linux filters, so no, it just doesn't work that easily as "go
buy a pix" for some things.  Anyway, I've done a fair amount of work in
this area, so if you'd like to discuss any of that, feel free to e-mail
me about it.  Thanks
Josh Ballard
Network Security Specialist
Kansas State University
bal at ksu.edu

More information about the unisog mailing list