From owner-freebsd-questions@FreeBSD.ORG Fri Oct 1 14:16:29 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B78F31065693 for ; Fri, 1 Oct 2010 14:16:29 +0000 (UTC) (envelope-from dan@slightlystrange.org) Received: from catflap.slightlystrange.org (cpc2-cmbg1-0-0-cust385.5-4.cable.virginmedia.com [82.21.105.130]) by mx1.freebsd.org (Postfix) with ESMTP id 6FC828FC0A for ; Fri, 1 Oct 2010 14:16:29 +0000 (UTC) Received: from dan by catflap.slightlystrange.org with local (Exim 4.72 (FreeBSD)) (envelope-from ) id 1P1gPU-000DzA-Ov for freebsd-questions@freebsd.org; Fri, 01 Oct 2010 15:16:28 +0100 Date: Fri, 1 Oct 2010 15:16:28 +0100 From: Daniel Bye To: Free BSD Questions list Message-ID: <20101001141628.GE26665@catflap.slightlystrange.org> Mail-Followup-To: Free BSD Questions list References: <20101001001926.6ef8aa93@davenulle.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="G6nVm6DDWH/FONJq" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.3i X-PGP-Fingerprint: D349 B109 0EB8 2554 4D75 B79A 8B17 F97C 1622 166A X-Operating-System: FreeBSD 8.1-STABLE amd64 Sender: Daniel Bye Subject: Re: router / firewall with PF and carp. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Daniel Bye List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Oct 2010 14:16:29 -0000 --G6nVm6DDWH/FONJq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 01, 2010 at 09:40:56AM -0400, Kevin Wilcox wrote: > On 1 October 2010 05:29, krad wrote: >=20 > > In my experiance freebsd should work fine. However I would say openbsd = is > > probably better suited to your needs, due to its tighter security model > > (auditing) >=20 > Krad, I was under the impression that 'audit' from TrustedBSD is built > into FreeBSD. Is there a facility in OpenBSD that is "better" or is > there something in 'audit' that is lacking? I think krad is referring to the well-publicised code audit that the OpenBSD project conducts, rather than the TrustedBSD audit framework. As far as I know, OpenBSD doesn't have anything comparable, but it's a long time since I looked at it, so I might be typing out of me ear... Dan --=20 Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ --G6nVm6DDWH/FONJq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (FreeBSD) iEYEARECAAYFAkyl7TwACgkQixf5fBYiFmquGQCfSg3K9lGGH1CYLt5fN/25XWk0 ZX8AoKfGCJojiP81QUI8/6/8eZ468HYB =i6Ih -----END PGP SIGNATURE----- --G6nVm6DDWH/FONJq--