Can pf be used on F9?
Would there be any advantage or disadvantage in doing so?
Thanks.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Dave Feustel wrote:
| Can pf be used on F9?
Doesn't iptables do what you need?
| Would there be any advantage or disadvantage in doing so?
The linux kernel is designed for iptables, I don't know what surgery you'd have to do to fit pf in instead.
N.B. I have both linux (iptables) and FreeBSD (pf) machines here, and haven't seen any compelling reason to prefer one over the other.
- --
- -John (john@os2.dhs.org)
On Wed, Oct 01, 2008 at 08:54:53AM -0500, John Thompson wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Dave Feustel wrote:
| Can pf be used on F9?
Doesn't iptables do what you need?
| Would there be any advantage or disadvantage in doing so?
The linux kernel is designed for iptables, I don't know what surgery you'd have to do to fit pf in instead.
N.B. I have both linux (iptables) and FreeBSD (pf) machines here, and haven't seen any compelling reason to prefer one over the other.
- -John (john@os2.dhs.org)
Thanks for the info. I'm familiar with pf but not with iptables. I guess I will read up about iptables for f9.
Dave Feustel wrote: Can pf be used on F9?
Would there be any advantage or disadvantage in doing so?
Advantages: - the config is human-friendly, and uniform across any BSD version unlike iptables's non-standardised config and the non-human-readable iptables-save output - it has a clean and intuitive, natural language-like syntax, its rules equivalent to iptables' tend to be much shorter and easier to understand by newbies(also see Ubuntu's ufw) - the config file can be checked for syntax correctness before being applied - provides an integrated shaper Disadvantages: Not Invented Here or license divergence that caused a rewrite instead of using/porting existing software. You can also see Alsa vs. Open Sound System, BTRFS vs ZFS. :lol: