Future of pf / firewall in FreeBSD ? - does it have one ?
Allan Jude
allanjude at freebsd.org
Mon Jul 21 23:12:58 UTC 2014
On 2014-07-21 09:57, bycn82 wrote:
> There is no doubt that PF is a really good firewall, But we should noticed that there is an ipfw which is originally from FreeBSD while PF is from OpenBSD.
>
> If there is a requirement that PF can meet but ipfw cannot, then I think it is better to improve the ipfw. But if you just like the PF style, then I think choose OpenBSD is the better solution. Actually OpenBSD is another really good operating system.
>
> Like myself, I like CentOS and ipfw, so no choice :)
>
>
The only thing I've really found lacking in IPFW is the NAT
implementation. Specifically, when trying to do port-forwarding. All of
the rules have to go in the single 'ipfw nat' rule, and it makes it
cumbersome to manage.
--
Allan Jude
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20140721/2b8737cc/attachment.sig>
More information about the freebsd-current
mailing list