From: Kevin Wilcox
To: Free BSD Questions list
Date: Fri, 1 Oct 2010 10:34:15 -0400
Subject: Re: router / firewall with PF and carp.
In-Reply-To: <20101001141628.GE26665@catflap.slightlystrange.org>
References: <20101001001926.6ef8aa93@davenulle.org> <20101001141628.GE26665@catflap.slightlystrange.org>

On 1 October 2010 10:16, Daniel Bye wrote:
> On Fri, Oct 01, 2010 at 09:40:56AM -0400, Kevin Wilcox wrote:
>> Krad, I was under the impression that 'audit' from TrustedBSD is built
>> into FreeBSD. Is there a facility in OpenBSD that is "better" or is
>> there something in 'audit' that is lacking?
>
> I think krad is referring to the well-publicised code audit that the OpenBSD
> project conducts, rather than the TrustedBSD audit framework. As far as I
> know, OpenBSD doesn't have anything comparable, but it's a long time since I
> looked at it, so I might be typing out of me ear...

Dan, that makes perfect sense. I'm working up a BSD presentation for
the local LUG next week and the latest compare/contrast I was working
on was SELinux/GrSecurity/Pax versus TrustedBSD; my brain immediately
parsed auditing as an audit trail, not the immense code audit for the
base system.

Thanks for the reality check!!

kmw