Re: [Full-Disclosure] OpenBSD 'pf' port (was FreeBSD heap to Linux)

From: Filipe A. (incognito_at_patria.ath.cx)
Date: 01/29/04

  • Next message: SGI Security Coordinator: "[Full-Disclosure] userland binary vulnerabilities on IRIX"
    To: Full-Disclosure <full-disclosure@lists.netsys.com>
    Date: Thu, 29 Jan 2004 17:44:23 +0000
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Jeremiah Cornelius wrote:

    |>>What could you get from pf that you couldn't get from iptables (I've
    |>>not played with the little devil yet)?
    |
    | Human-readable syntax.
    |
    | Lucid syntax is an indispensable security measure. Errors should be
    GLARING
    | and obvious!

    ~ Apart from such subjective feature could you point us to any real
    reference/test regarding PF vs netfilter? I've used both. I don't have a
    problem with iptables syntax which I find more "objective" than PF's.
    But I'd like to read an unbiased comparative article on performance and
    detailed features that would clearly state the advantages of either one.

    best regards
    -----BEGIN PGP SIGNATURE-----

    iD8DBQFAGUZ2Gm5OYk54E24RAiEUAJ9f0c9XbzT5yeeeP8bPZdgGe/Ma9wCfTn5c
    wCWnvRM9J3IEMevxYluzuF0=
    =DTYX
    -----END PGP SIGNATURE-----

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: SGI Security Coordinator: "[Full-Disclosure] userland binary vulnerabilities on IRIX"