1.	Write a set of packet filter rules to implement the following
	policy.  Use any unambiguous notation you choose.  Assume
	there are three interfaces on the firewall, 'inside', 'outside',
	and 'dmz'.  Rules always apply to packets *arriving* at an interface;
	your solution must indicate which rules apply to which interface.
	The inside net is 10.0.0.0/8; the dmz net is 192.168.42.0/24.
	Everything else is on the outside.

	Policies: all inbound mail from the Internet must be
	delivered to port 25 of 192.168.42.17.  It in turn
	delivers mail to the inside mail server, 10.0.0.17.
	ssh logins from the Internet are permitted to port 22 of
	10.0.37.47.  The web server sits in the DMZ, on ports 80 and 443
	of 192.168.42.12; both insiders and outsiders need to get to it.
	All outbound connections are allowed, except for sites on
	172.16.0.0/16 or if the connection is coming from 10.47.0.0/16.
	Hosts on 10.47.0.0/16 are only allowed to connect to hosts
	on 172.25.33.0/24.

2.	Explain why it is hard to permit access to NFS through a firewall.
	(Note: I am not asking whether or not it is a good idea.)
	If you did want to permit it, which type of firewall is needed?
	Why?

3.	Explain why ESP and packet filters conflict.