From owner-freebsd-stable@FreeBSD.ORG  Fri May 23 10:12:24 2014
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id AA8AF899
 for <freebsd-stable@FreeBSD.org>; Fri, 23 May 2014 10:12:24 +0000 (UTC)
Received: from babel.karthauser.co.uk (212-13-197-151.karthauser.co.uk
 [212.13.197.151])
 by mx1.freebsd.org (Postfix) with ESMTP id 72D742A56
 for <freebsd-stable@FreeBSD.org>; Fri, 23 May 2014 10:12:23 +0000 (UTC)
Received: from [192.168.1.178] (unknown [86.188.177.234])
 (Authenticated sender: joemail@tao.org.uk)
 by babel.karthauser.co.uk (Postfix) with ESMTPSA id 82E0DDE6;
 Fri, 23 May 2014 10:04:24 +0000 (UTC)
Subject: Re: What is your favourite/best firewall on FreeBSD and why?
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
Content-Type: multipart/signed;
 boundary="Apple-Mail=_F5F0CDF2-5FB8-489D-B079-29EE305A4500";
 protocol="application/pgp-signature"; micalg=pgp-sha512
From: Dr Josef Karthauser <joe@tao.org.uk>
In-Reply-To: <lln2o2$77d$1@usenet.ziemba.us>
Date: Fri, 23 May 2014 11:04:24 +0100
Message-Id: <FE050654-7AE7-4E5D-B191-9A620B9D61AD@tao.org.uk>
References: <20140520070926.GA92183@The.ie> <lln2o2$77d$1@usenet.ziemba.us>
To: paul+usenet@w6yx.stanford.edu
X-Mailer: Apple Mail (2.1874)
Cc: freebsd-stable@FreeBSD.org
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 23 May 2014 10:12:24 -0000


--Apple-Mail=_F5F0CDF2-5FB8-489D-B079-29EE305A4500
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

On 23 May 2014, at 10:00, G. Paul Ziemba <pz-freebsd-stable@ziemba.us> =
wrote:

> Lucius.Rizzo@The.ie (Lucius Rizzo) writes:
>=20
>> Ultimately, outside configuration differences all firewalls are =
essentially
>> serve the same purpose but I wonder what is your favorite and why? If
>> you were to run FreeBSD in production, which of the three would you
>> choose? IPFilter, PF or IPFW?
>=20
> I switched to pf about seven months ago as I began to need to
> manage bandwidth for specific classes of traffic (for example,
> prevent outbound mailing list email from saturating the link
> and reserve some bandwidth for interactive use).
>=20
> The syntax is very close and the NAT configuration is simpler in pf.

Does the pfsync handle NAT tables.
Could I use it to build a resilient carrier grade NAT solution?

Joe


--Apple-Mail=_F5F0CDF2-5FB8-489D-B079-29EE305A4500
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename=signature.asc
Content-Type: application/pgp-signature;
	name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQEcBAEBCgAGBQJTfx0oAAoJEGdCjs+EVN/YbCoH/00r8mTvTlnxyg8Tadt++ndf
3cXlDss4BupLAnklVs4zE6mk2aNP+cjgr40PDo03xklVCm1gUJTNodKuNqTifrJa
m7Cub4wIh8oGVD36p/8coNLa98azuvxTnc3hCE5YOU/5M4m5xByXWu0Y9J7XNwNk
WZsfvevqjV6NneKk5hCssLei9KkI9tJ0aBU3mW0Zib2bGrmXL+HLSLhlNBVJ7ypg
WLL0UUdTx/+YAyXl7Rt2K7Zk4wpeMcEFiw/6iKzZ1phRDkZsPUd0nstmI+so96vi
Nh37w9iAn8KdYXj8dKmylrw0/EHggXaenCvX90WJCjtXGZQ5BLo9pjDsDGNQdrc=
=U+2A
-----END PGP SIGNATURE-----

--Apple-Mail=_F5F0CDF2-5FB8-489D-B079-29EE305A4500--