Date: Sat, 12 Aug 2006 21:23:04 -0500 From: "Travis H." <solinym@gmail.com> To: "Bill Marquette" <bill.marquette@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: firewall Message-ID: <d4f1333a0608121923m4a1554bbt7636478bde57da55@mail.gmail.com> In-Reply-To: <55e8a96c0608120657j68242447nb247b7fa44c7ac67@mail.gmail.com> References: <20060812040200.F7HM8VPAHU@priv-edtnaa05.telusplanet.net> <55e8a96c0608120657j68242447nb247b7fa44c7ac67@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
As I remember it, the only feature IPFilter had that I used that pf doesn't have was the ability to simulate throwing packets at it and see what their disposition is. I wrote a test harness to check the sanity of my firewalls, before committing them to CVS. I highly recommend switching to pf. I haven't followed ipfilter, but it's encumbered and last I checked (a _long_ time ago), it didn't have packet scrubbing or nearly 50% of the features of pf. -- "If you're not part of the solution, you're part of the precipitate." Unix "guru" for rent or hire -><- http://www.lightconsulting.com/~travis/ GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d4f1333a0608121923m4a1554bbt7636478bde57da55>