best way to install/update software and firewall choice

[Guy Marcenac]

Hi,

I am an old debian user and I am looking at freebsd for security reasons
* I am very interested in the jail concept
* I have to relearn iptables syntax each time I want to add a rule

I am testing the system in vmware virtual machine.

There is a point I don't fully understand. There are several ways of 
updating the system, from precompiled binaries or by recompiling the 
system and the ports (and using csup, portsnap, portupgrade ...).
I would prefer to use the first way because it is really faster, but it 
seems to me that when I want to update my jails, there is no other easy 
way than recompiling the whole world into my jails.

The other point a bit confusing is that I dont know which firewall to 
use. My first guess would be to use pf, because it exists also on 
openbsd, but it seems that the default would go to ipfw.

Thanks to support a newby

-- 
Guy