Title: A Toolkit and Methods for Internet Firewalls 
Authors:
Marcus J. Ranum  Frederick M. Avolio   
File name:pubdocfirewallsAvolio_Ranum_usenix-paper.ps.Z 
File size: 71593 bytes 

Abstract: As the number of businesses and government
agencies connecting to the Internet continues to increase, the
demand for Internet firewalls - points of security guarding a
private network from intrusion - has created a demand for
reliable tools from which to build them. We present the TIS
Internet Firewall Toolkit, which consists of software modules and
configuration guidelines developed in the course of a broader
ARPA-sponsored project.  Components of the toolkit, while
designed to work together, can be used in isolation or can be
combined with other firewall components.  The Firewall Toolkit
software runs on UNIX file systems using TCPIP with the Berkeley
socket interface.  We describe the Firewall Toolkit and the
reasoning behind some of its design decisions, discuss some of
the ways in which it may be configured, and nclude with some
observations as to how it has served in practice.