these files should never have been imported...they are junk

1 files changed, 0 insertions, 98 deletions

diff --git a/contrib/ipfilter/todo b/contrib/ipfilter/todo
deleted file mode 100644
index 5b2c059..0000000
--- a/contrib/ipfilter/todo
+++ /dev/null
@@ -1,98 +0,0 @@
-BUGS:
------
-* fix "to <ifname>" bug on FreeBSD 2.2.8
-fastroute works
-
-===============================================================================
-GENERAL:
---------
-
-* support redirection like "rdr tun0 0/32 port 80 ..."
-
-* use fr_tcpstate() with NAT code for increased NAT usage security or even
-  fr_checkstate() - suspect this is not possible.
-
-* add another alias for <thishost> for interfaces <thisif>? as well as
-  all IP#'s associated with the box <myaddrs>?
-
-time permitting:
-
-* load balancing across interfaces
-
-* record buffering for TCP/UDP
-
-* modular application proxying
--done
-
-* allow multiple ip addresses in a source route list for ipsend
-
-* port IP Filter to Linux
-Not in this century.
-
-* document bimap
-
-* document NAT rule order processing
-
-* add more docs
-in progress
-
-3.4:
-XDDD. I agree. Bandwidth Shapping and QoS (Quality of Service, AKA
-traffic priorization) should be *TOP* in the TO DO list.
-
-* Bandwidth limiting!!!
-maybe for solaris, otherwise "ALTQ"
-* More examples
-* More documentation
-* Load balancing features added to the NAT code, so that I can have
-something coming in for 20.20.20.20:80 and it gets shuffled around between
-internal addresses 10.10.10.1:8000 and 10.10.10.2:8000. or whatever.
-- done, stage 1 (round robin/split)
-The one thing that Cisco's PIX has on IPF that I can see is that
-rewrites the sequence numbers with semi-random ones.
-- done
-
-I would also love to see a more extensive NAT.  It can choose to do
-rdr and map based on saddr, daddr, sport and dport.  (Does the kernel
-module already have functionality for that and it just needs support in
-the userland ipnat?)
--sort of done
-
-        * intrusion detection 
-                detection of port scans 
-                detection of multiple connection attempts
-                
-        * support for multiple log files
-                i.e. all connections to ftp and telnet logged to 
-                        a seperate log file
-
-        * multiple levels of log severity with E-mail notification
-                of intrusion alerts or other high priority errors
-
-        * poison pill facility
-                after detection of a port scan, start sending back
-                large packets of garbage or other packets to
-                otherwise confuse the intruder (ping of death?)
-
-IPv6:
------
-* NAT is yet not available, either as a null proxy or address translation
-
-BSD:
-* "to <if>" and "to <if>:<ip>" are not supported, but "fastroute" is.
-
-Solaris:
-* "to <if>:<ip>" is not supported, but "fastroute" is and "to <if>" are.
-
-Tru64:
-------
-* IPv6 checksum calculation for RST's and ICMP packets is not done (there
-  are routines in the Tru64 kernel to do this but what is the interface?)
-
-does bimap allow equal sized subnets?
-
-make return-icmp 'intelligent' if no type is given about what type to use?
-
-reply-to - enforce packets to pass through interfaces in particular
-combinations - opposite to "to", set reverse path interface
-