Future of pf / firewall in FreeBSD ? - does it have one ?
Franco Fichtner
franco at lastsummer.de
Mon Jul 21 21:48:57 UTC 2014
Hi Julian,
On 21 Jul 2014, at 05:15, Julian Elischer <julian at freebsd.org> wrote:
> Most people I talk to just use ipfw and couldn't care whether pf lives or dies. They have simple requirements and almost any filter would suffice. I haven't found anything I'd want to use pf for that ipfw doesn't allow me to do. There are things pf does that ipfw doesn't... I just never want them..
this is quite insightful. The gist of this discussion and the apparent
lack of upgrades to pf(4) seem to indicate that:
(a) other packet filters do the required jobs equally or better
or performance doesn't matter at all.
(b) for more progressive setups and requirements, FreeBSD servers
may as well be complemented with commercial firewalls, hand-rolled
or non-FreeBSD solutions
Is that somewhat accurate, or is there more to the story?
Cheers,
Franco
More information about the freebsd-questions
mailing list