Excellent job with the book. I am in the process of building my
firewall and have found the book to be an invaluable resource. I think
it is great how you and your co-author have an updated web site and are
actually "brave" enough to put your e-mail address out there. My main
complaint (sorry) is that I have wished for more information on building
a firewall with real IP addresses. There was some brief discussion of
this in your book, but a little more info would have been great (maybe
in 2nd edition?). I must admit I read very little of the BSD part of the
book due to my using RH Linux 6.2, so maybe it was covered better in
that part. My colleagues who also have read your book have had hit or
miss experiences with using real IP addresses behind linux firewalls.
One linux guru "struggled" to get his box to work without any rules
running. At one point it just started working. Another, his worked out
of the box. I have convinced myself that my routes are correct and
nonetheless the box behind the firewall keeps trying to do ARP requests
looking for the gateway (outside the firewall, which has a route to it
on the firewall), needless to say it never gets a reply. Really strange
stuff. Maybe add some links that would assist us in setting up a
firewall with real IP ranges. Surely there are some resources out there?
I have run across FAQs that have been helpful with the routing, etc. but
nothing that specifically covers any of the issues I've had (maybe it's
just brain block on my part). Any ideas on where I could look?
The book covered masquerading very well. I had masquerading up and
running in no time flat! That will work great for my home network... I
hope to see the linux section updated, as I see the BSD section was.
Keep up the great work, you are providing an invaluable resource to
network administrators around the globe.