Hi:

First, I don't use IPFW myself, so please accept my apologies if these features are present in IPFW - in that case it might be a good idea to highlight this.

New legislation is under way in the EU regarding retention of traffic data (see link at bottom). The official purpose is to fight terrorism and organised crime. I shall not go into the polemics or lobbying for or against.

Of course, such directives do not set legal requirements on FreeBSD as such, but businesses need technical solutions to comply with this directive. Hence, this directive may guide the choice of the technical solution, and this is why it is relevant to FreeBSD: To ensure that FreeBSD will be an option.

This said, I think that these features could also be quite useful for businesses in order to investigate incidents.

Who: The data retention directive requires "providers of publicly available electronic communications services or of a public communications network" to log and store traffic data. This is pretty broad; while exclusions may be adopted, this includes anything from public libraries to large ISPs having to log and store traffic data.

What: Traffic data is defined as all data needed to identify the source and destination of a communication and duration. If traffic is routed through a proxy or NAT'ed this includes any "translation" data. The details are specified in the annex of the referred document, and include the MAC address of the node(s).

The technical solution: For Internet communication the following must be logged: source IP, port and MAC, destination IP, port, identity translation (NAT) data. Time of initiation, duration or time of termination.

The gateway has access to all this information; with the exception of the NAT data and duration, all is supported, but: The nice solution would be to enable logging when entries are made or deleted from the NAT table. This will include all the required information with the possible exception of the MAC address.

So to sum up: My request is to support logging of changes to the NAT table.

When: The directive is still a proposal, and once accepted member states are usually given two years to implement it into national law.

Why hurry:

1) It will be quite nice to be able to advertise FreeBSD to support the directive by the time it takes effect.

2) Some countries are ahead of time and have adopted similar legislation although the state is not clear as the enforcement may have been delayed to wait for the common rules.

The proposal as is (now) can be found here:

http://europa.eu.int/information_society/policy/ecomm/doc/info_centre/communic_reports/data_retention/retention_proposal_en_com_2005_0438.pdf

Best regards, Erik

--
Ph: +34.666334818
web: http://www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2

Received on Thu Feb 09 2006 - 21:06:15 UTC
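
Added illustration, not part of the original message and not IPFW or FreeBSD code: a sketch of how logged NAT table additions and deletions could be paired into records carrying the fields the message lists (source IP, port and MAC, translated address, destination, start time, duration). The log line format, field names and addresses are assumptions constructed for this example.

```python
from datetime import datetime

# Constructed sample: one line per NAT table change (hypothetical format).
SAMPLE_LOG = """\
2006-02-09T21:06:15 ADD tcp src=192.168.1.10:40212 mac=00:11:22:33:44:55 nat=203.0.113.5:61001 dst=198.51.100.7:80
2006-02-09T21:06:40 ADD udp src=192.168.1.11:5353 mac=00:11:22:33:44:66 nat=203.0.113.5:61002 dst=198.51.100.9:53
2006-02-09T21:08:45 DEL tcp src=192.168.1.10:40212 mac=00:11:22:33:44:55 nat=203.0.113.5:61001 dst=198.51.100.7:80
2006-02-09T21:09:00 DEL tcp src=192.168.1.12:40300 mac=00:11:22:33:44:77 nat=203.0.113.5:61003 dst=198.51.100.7:443
"""

def parse_event(line):
    """Split one log line into (timestamp, action, field dict)."""
    stamp, action, proto, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    fields["proto"] = proto
    return datetime.fromisoformat(stamp), action, fields

def build_records(log_text):
    """Pair ADD/DEL events into retention records.

    Returns (closed, still_open, orphans): closed records carry start, end
    and duration; still_open have no DEL yet; orphans are DELs with no ADD.
    """
    open_entries, closed, orphans = {}, [], []
    for line in filter(None, map(str.strip, log_text.splitlines())):
        when, action, f = parse_event(line)
        key = (f["proto"], f["src"], f["nat"], f["dst"])
        if action == "ADD":
            open_entries[key] = dict(f, start=when)
        elif action == "DEL":
            rec = open_entries.pop(key, None)
            if rec is None:
                orphans.append(dict(f, end=when))  # logging gap: start unknown
            else:
                rec["end"] = when
                rec["duration_s"] = int((when - rec["start"]).total_seconds())
                closed.append(rec)
        else:
            raise ValueError(f"unknown action {action!r}")
    return closed, list(open_entries.values()), orphans

if __name__ == "__main__":
    closed, still_open, orphans = build_records(SAMPLE_LOG)
    for r in closed:
        print(r["src"], r["mac"], "->", r["nat"], "->", r["dst"], r["duration_s"], "s")
    print(len(still_open), "open,", len(orphans), "orphaned DEL")
```

Entries still open at the end of the log have a start time but no duration yet, and a deletion with no matching addition marks a gap in the log where the start time was never recorded.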