Felipe Alfaro Solana wrote:
On Mon, Apr 27, 2009 at 8:11 PM, Ted Unangst <ted.unan...@gmail.com> wrote:
On Mon, Apr 27, 2009 at 10:25 AM, Felipe Alfaro Solana
<felipe.alf...@gmail.com> wrote:
Again, not a single or valid technical argument on why a bridging
firewall
is a bad idea. Just a moot and offensive responsive, and a very
strong assessment from someone that doesn't know me at all. It's also
very
sad to see so many impolite answers in this list. Perhaps saying "are
apparently black magic" would be more appropriate.
http://marc.info/?l=openbsd-misc&m=124082008204226&w=2
You can either read the code or listen to somebody who has. I don't
know you either, but I know Henning and I know the bridge code, and
the short version is he's right.
And again, I think you mean that running a bridge under OpenBSD is perhaps
not the fastest or brightest solution. And I trust you, But again, I have
yet to hear a single technical argument on why running, for example, Snort
inline on other platforms is a bad idea and makes one stupid.
In some previous comments, you said no hard facts were provided. Just do
your own tests instead of asking others to do it for you. Plenty of
reasons were provided. You refuse them, or to see it for yourself, then
shut up! All are real and I even learn from Henning about the lost of
Queue here as well, witch I haven't thought of then. So, loose of queue,
mean also lost of AltQ too. Many benefit are lost, you refuse to see the
writing on the wall in front of your nose. Shame on you to even argue
and not tests to your own satisfaction, but hiding behind others writing
and URL.
Also, you want reasons for tap oppose to inline IDS as example, then may
be you can listen to this nice talk that was done just a few weeks ago:
http://www.youtube.com/watch?v=UM4ZrsOjmNQ&feature=channel_page
It's somewhere in there, where it has no impact on the normal traffic
and allow you to keep your job. It's very obvious that putting IDS
inline for him would have been a way to see the door by some of his
superiors. And by the way, the Lego references he has in there are about
Henning's talk just before his and he liked it as well! May be listening
to that as well might show you that he has a pretty good idea of how
that part of the system might work! (;>
And for your "Just a moot and offensive responsive...", may be, just may
be, could it be that people are getting frustrated to explain to you the
obvious after some more details provided? Just may be....
You just reminded me of the guy behind the counter at your neighborhood
grocery store that take pleasure to make a little kid fell stupid each
time his mom send him there to buy things for here. Every time he is
there, the BIG men always asked the kid to justify why he needs that
with lots of questions, making him fell stupid.
Then, one day that same little guy (Puffy) got fed up and went to the
store with a brown bag in his hand. Look at the BIG men behind the
counter and simply asked him, very politely.
Sure, could you put your hand in the bag please?
The BIG guy surprise asked why and try to do his game again, but the
little Puffy just said, "put your hand in the bag please?"
The BIG men did, then his face changed, his hand felt worm and smooth.
Then, the little guy asked with a BIG smile on his face... (:]>>>>. Now
Sure, can I get toilet paper please?
Except that on your case looks like you get pleasure rubbing your hand
in the brown bag.
So, stop trying to paint yourself as the big guy and all of us as the
little kid. You never know when that little kid will take you to your
own words! (;>
All this to say, if you don't understand the technical reasons provided
to you and you don't want to do your own tests after the explications
were provided to get your own hard figure you keep asking, then stop
playing with the brown bag.
It stink really, and that's all you are doing, moving that fecal content
all over the place, again and again.
If all that was said doesn't give you pause and thing to think above, no
matter what anyone would or could put here, say, provide or add will do.
So, drop it and lets move on.
Best regards to you.
Daniel
