Re: [Full-Disclosure] OpenBSD 'pf' port (was FreeBSD heap to Linux)

From: Filipe A. (incognito_at_patria.ath.cx)
Date: 01/29/04

  • Next message: SGI Security Coordinator: "[Full-Disclosure] userland binary vulnerabilities on IRIX"
    To: Full-Disclosure <full-disclosure@lists.netsys.com>
    Date: Thu, 29 Jan 2004 17:44:23 +0000
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Jeremiah Cornelius wrote:

    |>>What could you get from pf that you couldn't get from iptables (I've
    |>>not played with the little devil yet)?
    |
    | Human-readable syntax.
    |
    | Lucid syntax is an indispensable security measure. Errors should be
    GLARING
    | and obvious!

    ~ Apart from such subjective feature could you point us to any real
    reference/test regarding PF vs netfilter? I've used both. I don't have a
    problem with iptables syntax which I find more "objective" than PF's.
    But I'd like to read an unbiased comparative article on performance and
    detailed features that would clearly state the advantages of either one.

    best regards
    -----BEGIN PGP SIGNATURE-----

    iD8DBQFAGUZ2Gm5OYk54E24RAiEUAJ9f0c9XbzT5yeeeP8bPZdgGe/Ma9wCfTn5c
    wCWnvRM9J3IEMevxYluzuF0=
    =DTYX
    -----END PGP SIGNATURE-----

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: SGI Security Coordinator: "[Full-Disclosure] userland binary vulnerabilities on IRIX"

    Relevant Pages

    • Re: IPTABLES PROBLEM
      ... that you are using your linux iptables box to do ip masq for your home ... you already have the first rule for the PREROUTING table, ... syntax is a moot point, ... masq, etc.., if you aren't, you probably have another sort of problem) by adding ...
      (comp.security.firewalls)
    • Re: IP tables script, multiple IPs ?
      ... > I have written a script to setup my iptables and I only want to give certain ... > IP's from different networks access to my webserver. ... > but I don't have the syntax down yet. ...
      (comp.os.linux.security)
    • Re: IP tables script, multiple IPs ?
      ... > I have written a script to setup my iptables and I only want to give certain ... > IP's from different networks access to my webserver. ... > but I don't have the syntax down yet. ...
      (comp.os.linux.security)
    • Re: Linux hardware firewall question
      ... You mean unbreakable like Oracle is unbreakable? ... > syntax is alot easier than iptables... ... I prefer iptables syntax to ipf and pf. ...
      (Security-Basics)