From owner-freebsd-security Wed Nov 21 11:19:50 2001 Delivered-To: freebsd-security@freebsd.org Received: from e-shipley.com (dws-66-177-28-52.jacksonville.net [66.177.28.52]) by hub.freebsd.org (Postfix) with ESMTP id 7EDA137B405 for ; Wed, 21 Nov 2001 11:19:43 -0800 (PST) Received: (from steve@localhost) by e-shipley.com (8.11.6/8.11.1) id fALJJgH03507; Wed, 21 Nov 2001 14:19:42 -0500 (EST) (envelope-from steve) Date: Wed, 21 Nov 2001 14:19:42 -0500 (EST) From: "Stephen T. Shipley" Message-Id: <200111211919.fALJJgH03507@e-shipley.com> To: fgermano@audiotel.com.ar, security@FreeBSD.ORG Subject: Re: Best security topology for FreeBSD In-Reply-To: <00ca01c172aa$814c90d0$ed64a8c0@audi2k> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Try "hlfl" located in /usr/ports/security/hlfl. Very useful for evaluating the management languages for ipfw, ipfilter, ipfwadm, ipchains, netfilter, and cisco. In a crunch you need to be quick. So I would favor ease of management (ipfilter). --Steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message