Stateful firewalls and dynamic routing question.

---

• From: "abstractclass" <meaguy@xxxxxxxxx>
• Date: 15 Oct 2006 11:30:36 -0700

---

Are stateful firewalls problematic when dynamic routing is used? I'm
guessing that when the network topology changes while an existing
connection exists in the state table, this would cause problems as the
source IP has the potential of changing and thus causing the existing
connection to drop. I am not sure what the solution to this would be.
The only one I can think of is to ensure that the firewall policy
contains all possible source IP addresses for each possible network
topology change? Am I correct at all, or way off? Any tips would be
appreciated! Thx.

.

---

• Follow-Ups:
  • Re: Stateful firewalls and dynamic routing question.
    • From: Moe Trin
  • Re: Stateful firewalls and dynamic routing question.
    • From: Jeroen Geilman

• Prev by Date: Re: iptables: user-def'd chains: allowed names?
• Next by Date: LAN with no hosts :(
• Previous by thread: iptables: user-def'd chains: allowed names?
• Next by thread: Re: Stateful firewalls and dynamic routing question.
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

linux.derkeiler.com  > Newsgroups  > comp.os.linux.networking  > 2006-10