[CentOS] Optimizing CentOS for gigabit firewall

Les Mikesell lesmikesell at gmail.com
Sun Dec 20 21:59:37 UTC 2009


rainer at ultra-secure.de wrote:
>> I've got a garage full of tools at my disposal.  However, for the task at
>> hand, which is nailing a nail, there is no tool more appropriate than the
>> aforementioned hammer.
> 
> 
> Yeah, but the original poster's only tool seems to be the CentOS
> sledge-hammer.
> I could understand him if the answer to his question was "IRIX" or "Buy an
> IBM mainframe".
> I think even in large enterprises with a strict policy about what OS and
> what applications can go into a datacenter, there should be a way to
> define exceptions. Because there are always cases where the
> "one-size-fits-all" policy just doesn't fit at all.

I think the original poster was more interested in separating billing for 
different addresses than typical firewall tasks anyway.  And in that case it 
might make more sense to use netflow reports from the gateway router if if has 
the capability, or per-interface traffic on the downstream switch ports.

-- 
   Les Mikesell
    lesmikesell at gmail.com


More information about the CentOS mailing list