[NCLUG] Re: firewall nic config

William Dan Terry william.terry at knotworks.com
Mon Apr 29 17:46:50 MDT 2002


> Message: 4
> Date: Mon, 29 Apr 2002 13:39:06 +0100
> From: Matthew Wilcox <willy at debian.org>
> To: nclug at nclug.org
> Subject: Re: [NCLUG] Re: firewall nic config
> Reply-To: nclug at nclug.org
> 
> On Sat, Apr 27, 2002 at 11:46:08AM -0600, William Dan Terry
> wrote:> > From: Matthew Wilcox <willy at debian.org>
> > > Could you word-wrap please?  It makes your text easier to
> > > read.
> > 
> > I always thought that word wrap was the responsibility of the
> > receiving end, thus allowing the reader to optimize it for
> > his viewer. Email doesn't have a prescribed width that I'm
> > aware of, making the transmission of information a separate
> > issue from the display of information. Forcing \n every so
> > many characters just means that a wider viewer loses the
> > benefit of width and still has to scroll just as much. I've
> > been working under this premise for 17 years. Am I missing
> > something?
> 
> Yes, basic netiquette?  A quick google search digs up
> http://www.albion.com/netiquette/book/0963702513p61.html
> or http://www.dtcc.edu/cs/rfc1855.html

Checked the rfc at the source - 1995 - 10 years after I started
my career in the field (doesn't count school). This should be
linewrapped, but I still think it's the wrong place to force
formatting in email - just like I don't think HTML formatting
belongs in email either. But I'll give in (not on the HTML). In
fact I don't even think MUAs I used a long time ago even had
linewrapping which means I would have had to count (or get used
to about how long a line is and remember to hit return - that is
if I was even looking at what I ws typing). 
> While you have your web browser fired up, take a look at
> http://nclug.org/pipermail/nclug/2002-April/003482.html
> to see another reason why you should linewrap at a reasonable
> length.

Ouch. However, I definitely don't believe that I should be
configuring my email so it looks nice on the web. That's a web
display issue. Different protocols, different purposes. Any web
display of anything should format it for the web. Not really any
different than saying a word processed doc should have hard
returns like typewriter days so that it could be displayed on the
web. Not.

> > Some hosts inside do need to be reachable, hence the class C.
> > However, the traffic they deal with is small enough that
> > having them behind a firewall wouldn't change the firewall
> > load significantly. So the protection they get from the
> > firewal is worth it to me instead of having them in the DMZ.
> 
> Hmm.  Sounds like what you _really_ want is something like:
> 
> 0-63 outside the firewall
> 64-127 inside the firewall, but with special holes
> 128-255 inside the firewall
> 
> which is fairly straightforward to set up.

I'll be doing it in a different order - router at .254. but
that's good to hear. I'm disappointed that Mandrakes firewall
can't handle the same network base address inside and out,
because it sounds like a slick package otherwise.

Peace, William

___________W__i__l__l__i__a__m_____D__a__n_____T__e__r__r__y____
_______ How do we acquire wisdom along with all these shiny
things? -David Brin

    PGP public key:    
http://www.knotworks.com/wdt_pgp_pubkey.asc
    fingerprint:   DC 80 E4 18 E2 CB AC F4  8C 59 9B 9C BB A2 D7
4B



More information about the NCLUG mailing list