From owner-freebsd-questions@FreeBSD.ORG Fri Oct 1 14:45:05 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B2C7B106566C for ; Fri, 1 Oct 2010 14:45:05 +0000 (UTC) (envelope-from kraduk@gmail.com) Received: from mail-fx0-f54.google.com (mail-fx0-f54.google.com [209.85.161.54]) by mx1.freebsd.org (Postfix) with ESMTP id 3D1778FC0A for ; Fri, 1 Oct 2010 14:45:03 +0000 (UTC) Received: by fxm9 with SMTP id 9so2662607fxm.13 for ; Fri, 01 Oct 2010 07:45:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=BNbInxhtjIpVGZZGlR2yHVhufJKZMn4mFI11BLnjvn0=; b=l2NMv10j0B+rX9vcR5Zr99To+YF2RAz7BbCnqH2KKwrzC2qix7y2qWe1qPDrKM74jE 9es7Ca5u2Z7FzsWhFwPg0VAvf39v9nWdUUvj5X/SQihNB3KKlZheeEFriAZX1QPrGf8S 79muj2BmS9MWvr/HCn/OUOZE/xUHAKagTVskg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=va4rp+yVmKIMR8uEAfJD3RXNPiLR5HJ9qRIFDuWJr6AScS9YHIdsjAox2HoLo6srhM QA2mmtLXObceF1nxeBAI2MyGBZUdG0M3oJOQkJmIPLD1Sw5C3iis2mth9IeaFVSfIwyc QwjbhoOsLapnpoRSw0b2GwY/jHK58uJs8UQkI= MIME-Version: 1.0 Received: by 10.103.213.8 with SMTP id p8mr2247682muq.105.1285944303076; Fri, 01 Oct 2010 07:45:03 -0700 (PDT) Received: by 10.103.68.9 with HTTP; Fri, 1 Oct 2010 07:45:03 -0700 (PDT) In-Reply-To: References: <20101001001926.6ef8aa93@davenulle.org> <20101001141628.GE26665@catflap.slightlystrange.org> Date: Fri, 1 Oct 2010 15:45:03 +0100 Message-ID: From: krad To: Kevin Wilcox Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Free BSD Questions list Subject: Re: router / firewall with PF and carp. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Oct 2010 14:45:05 -0000 On 1 October 2010 15:34, Kevin Wilcox wrote: > On 1 October 2010 10:16, Daniel Bye > wrote: > > > On Fri, Oct 01, 2010 at 09:40:56AM -0400, Kevin Wilcox wrote: > > >> Krad, I was under the impression that 'audit' from TrustedBSD is built > >> into FreeBSD. Is there a facility in OpenBSD that is "better" or is > >> there something in 'audit' that is lacking? > > > I think krad is referring to the well-publicised code audit that the > OpenBSD > > project conducts, rather than the TrustedBSD audit framework. As far as I > > know, OpenBSD doesn't have anything comparable, but it's a long time > since I > > looked at it, so I might be typing out of me ear... > > Dan, that makes perfect sense. I'm working up a BSD presentation for > the local LUG next week and the latest compare/contrast I was working > on was SELinux/GrSecurity/Pax versus TrustedBSD; my brain immediately > parsed auditing as an audit trail, not the immense code audit for the > base system. > > Thanks for the reality check!! > > kmw > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > I know what you mean, whenever i have worked with SELINUX policies and the bsd MAC framework, it has fried my brain a little 8)