Date: Mon, 30 Oct 2006 10:22:32 -0500 From: "Andy Greenwood" <greenwood.andy@gmail.com> To: "Lowell Gilbert" <freebsd-questions-local@be-well.ilk.org> Cc: freebsd-questions@freebsd.org Subject: Re: IPFW and PF Message-ID: <3ee9ca710610300722y30e848f4g7b6f39ab91243e4b@mail.gmail.com> In-Reply-To: <448xixrh53.fsf@be-well.ilk.org> References: <E4B019F7-1067-45C3-AF93-CF0980A57471@tca-cable-connector.com> <3ee9ca710610300524y7db3dc1bg56e144b452d90dc@mail.gmail.com> <448xixrh53.fsf@be-well.ilk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/30/06, Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> wrote: > "Andy Greenwood" <greenwood.andy@gmail.com> top-posted: > > > On 10/28/06, David Schulz <davidschulz@tca-cable-connector.com> wrote: > >> Hi all, > >> > >> IPFW seems to be the same IPFW that is used on MacOSX, so it seems to > >> make sense to learn and lean on IPFW when using in a mixed Machine > >> Environment. On the other side, many People seem to say PF is easier > >> to manage once a setup gets complicated. As usual, both sides have > >> their own valid points. My question though is not whether any of the > >> two , IPFW of PF is better then the other, but which of the two do > >> you use, and why? > >> > > > PF, for two reasons. Firstly, because I don't have to mess with > > arbitrary rule numbers; I can just scroll down the page and know that > > rules will be executed in that order. Secondly becuase I can easily > > integrate bruteforceblocker. > > Wow. I can see some advantages either way, but I can't see any > differences on those grounds. After all, rule numbers *aren't* > required in ipfw (even the example script doesn't use them). And > bruteblock works with ipfw in *very* much the same way that > bruteforceblock does with pf. Sorry, that should've been Altq, not bruteforceblocker. I wasn't aware that rule numbers weren't required in IPFW. Oh well, you learn something new everyday. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- I'm nerdy in the extreme and whiter than sour cream
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3ee9ca710610300722y30e848f4g7b6f39ab91243e4b>