From owner-freebsd-security@FreeBSD.ORG  Thu Feb 26 06:43:43 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6E6ED16A4CE
	for <freebsd-security@freebsd.org>;
	Thu, 26 Feb 2004 06:43:43 -0800 (PST)
Received: from ciistr2.ist.utl.pt (ciistr2.ist.utl.pt [193.136.128.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E358743D31
	for <freebsd-security@freebsd.org>;
	Thu, 26 Feb 2004 06:43:42 -0800 (PST)
	(envelope-from bruno@mrna.ist.utl.pt)
Received: from mail.ist.utl.pt (mail.ist.utl.pt [193.136.128.8])
	by ciistr2.ist.utl.pt (Postfix) with ESMTP id 648984A737
	for <freebsd-security@freebsd.org>;
	Thu, 26 Feb 2004 14:43:41 +0000 (WET)
Received: from mrna.ist.utl.pt ([213.22.170.137])
  (AUTH: LOGIN bruno.afonso, SSL: TLSv1/SSLv3,256bits,AES256-SHA)
  by mail.ist.utl.pt with esmtp; Thu, 26 Feb 2004 14:43:40 +0000
Message-ID: <403E061E.30307@mrna.ist.utl.pt>
Date: Thu, 26 Feb 2004 14:43:42 +0000
From: Bruno Afonso <bruno@mrna.ist.utl.pt>
User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-security@freebsd.org
References: <200402192315.i1JNFxo4004083@caligula.anu.edu.au>
In-Reply-To: <200402192315.i1JNFxo4004083@caligula.anu.edu.au>
X-Enigmail-Version: 0.83.2.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: traffic normalizer for ipfw?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Feb 2004 14:43:43 -0000

Darren Reed wrote:

> normalizing is over rated as a firewall feature - it's really
> something that belongs in IDS software.
> 
> 
>>We're looking at bringing pf into the tree.
> 
> 
> For what benefit you have to wonder...

It's BSD licensed. It's nicely integrated with altq that will also 
hopefully come into the tree. That alone is worth it, let alone other 
nice features. And yes, users like this features and that's something 
you are going to have to live with.

Please stop this pf bashing you are fond of and stop thinking you know 
what others like/want in a firewall. Choice is a great thing, respect that.

BA

-- 
Bruno Miguel Afonso
Biological Eng. student
D.E.Q. @ I.S.T. - Portugal
GnuPG Public key: http://dequim.ist.utl.pt/~bruno/gpg