Date: Sat, 8 Jan 2000 19:40:07 +0100 From: Brad Knowles <blk@skynet.be> To: Luigi Rizzo <luigi@info.iet.unipi.it>, james <death@southcom.com.au> Cc: freebsd-current@FreeBSD.ORG Subject: Re: ipf vs. ipfw Message-ID: <v04220800b49d334378cf@[195.238.21.69]> In-Reply-To: <200001081603.RAA10786@info.iet.unipi.it> References: <200001081603.RAA10786@info.iet.unipi.it>
next in thread | previous in thread | raw e-mail | index | archive | help
At 5:03 PM +0100 2000/1/8, Luigi Rizzo wrote: > Other reasons for the switch could be the fact that ipf is stateful > (but i am working on adding state to ipfw, if i find proper support > - hint, hint), so you can build better things. I'm moving towards using ipfilter on our Solaris machines, primarily as a "super TCP-Wrappers" solution for improved host security, and what I've done so far it looks like the statefulness will be extremely useful. I really appreciate that ipfilter works on many different platforms, not just one. However, if I can get the good features of ipfilter with ipfw under FreeBSD, I'd consider that to be sufficient reason to consider using ipfw instead. -- These are my opinions -- not to be taken as official Skynet policy ____________________________________________________________________ |o| Brad Knowles, <blk@skynet.be> Belgacom Skynet NV/SA |o| |o| Systems Architect, News & FTP Admin Rue Col. Bourg, 124 |o| |o| Phone/Fax: +32-2-706.11.11/12.49 B-1140 Brussels |o| |o| http://www.skynet.be Belgium |o| \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ Unix is like a wigwam -- no Gates, no Windows, and an Apache inside. Unix is very user-friendly. It's just picky who its friends are. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v04220800b49d334378cf>