Date: Fri, 23 Dec 2005 16:28:10 +0200 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: kirubiru <kirubiru@hotpop.com> Cc: freebsd-doc@FreeBSD.org Subject: Re: handbook/firewalls-apps.html Message-ID: <20051223142809.GB56090@flame.pc> In-Reply-To: <43AB738A.70702@hotpop.com> References: <43AB738A.70702@hotpop.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2005-12-22 23:48, kirubiru <kirubiru@hotpop.com> wrote: > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-apps.html > > "...different people have different requirements and preferences." > > How about giving some simple characteristic of each? > > PF is secure, IPFW is easy to administer, etc. Something to help me > pick one. Bye all. I don't think "more secure" is something we should easily write in an official document, like the Handbook. The three firewalls that work on FreeBSD now are equally 'secure' when it comes to blocking unwanted access. Ease of administration is something extremely subjective too. Some may find IPFW easier to administer, because they have spent a lot of time reading the ipfw(8), natd(8) and dummynet(4) documentation, written thousands of lines of rules for dozens of machines using IPFW and DUMMYNET, etc. Others may tell you that PF is easier to administer, because they use it a lot and feel more comfortable with it. Then, some people, especially those who find themselves working with Solaris or other machines that support IPFILTER too, will tell you that IPFILTER is the one they feel more acquainted with. It's all a matter of what features you need and what *you* feel nice working with, I guess. - Giorgos
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051223142809.GB56090>