[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ipf



Misc,

Does anyone know the status of IPFW regarding its
ability to exist as a filtering bridge.  This was one
feature that was lacking when I first began building
firewalls and led me to choose OpenBSD/IPF vs
FreeBSD/IPFW.

I have been running a several filtering bridges for 6
months with OpenBSD 2.8 and it works like a charm.  I
was seriously looking forward to 2.9 as it fixes a few
of the serial console buglets I have encountered, but
now I am worried that ipf won't be supported (with
respect to security patches) anymore.  Will we
continue to see security related patches to the IPF in
2.9???

Thanks,

Keehan


Note: forwarded message attached.
Get personalized email addresses from Yahoo! Mail - only $35 
a year!  http://personal.mail.yahoo.com/
X-Apparently-To: keehan_mallon_(_at_)_yahoo_(_dot_)_com via web11205; 30 May 2001 08:42:40 -0700 (PDT)
Return-Path: <owner-misc_(_at_)_openbsd_(_dot_)_org>
X-Track: -10
Received: from openbsd.cs.colorado.edu (128.138.192.83)
	by mta421.mail.yahoo.com with SMTP; 30 May 2001 08:42:38 -0700 (PDT)
Received: from localhost (domo_(_at_)_localhost)
	by openbsd.cs.colorado.edu (8.11.3/8.10.1) with SMTP id f4UFfcb08684; Wed, 30 May 2001 09:41:38 -0600 (MDT)
Received: by openbsd.org (TLB v0.11a (1.26 tibbs 1998/09/22 04:41:41)); Wed, 30 May 2001 09:36:39 -0600 (MDT)
Received: (from domo_(_at_)_localhost)
	by openbsd.cs.colorado.edu (8.11.3/8.10.1) id f4UFab901899
	for misc-list; Wed, 30 May 2001 09:36:37 -0600 (MDT)
Received: from tech.saecos.com ([12.99.187.66])
	by openbsd.cs.colorado.edu (8.11.3/8.10.1) with ESMTP id f4UFaY229089
	for <misc_(_at_)_openbsd_(_dot_)_org>; Wed, 30 May 2001 09:36:34 -0600 (MDT)
Received: from saecos.com (IDENT:mjinks_(_at_)_titan_(_dot_)_saecos_(_dot_)_com [192.168.10.12])
	by tech.saecos.com (8.9.1/8.9.1) with ESMTP id KAA23208
	for <misc_(_at_)_openbsd_(_dot_)_org>; Wed, 30 May 2001 10:36:28 -0500
Message-ID: <3B15137C_(_dot_)_2070207_(_at_)_saecos_(_dot_)_com>
Date: Wed, 30 May 2001 10:36:28 -0500
From: "Michael R. Jinks" <mjinks_(_at_)_saecos_(_dot_)_com>
Organization: Saecos Corporation
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.4-same i686; en-US; 0.8.1) Gecko/20010421
X-Accept-Language: en
MIME-Version: 1.0
To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: ipf
References: <200105292005_(_dot_)_f4TK5h101709_(_at_)_static-ip-138_(_dot_)_sihope_(_dot_)_com> <0GE500BDMGZ9L8_(_at_)_mta4_(_dot_)_rcsntx_(_dot_)_swbell_(_dot_)_net> <20010530102300_(_dot_)_A30699_(_at_)_sancho_(_dot_)_cepheid_(_dot_)_org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 8bit
Sender: owner-misc_(_at_)_openbsd_(_dot_)_org
Precedence: bulk
X-Loop: misc_(_at_)_openbsd_(_dot_)_org
Content-Length: 382

So, are there any reasonable second-choice alternatives?  I don't know 
of any, but maybe that's just because IPF eclipsed them previous to this?

Dear Bog in heaven, PLEASE don't say I have to go back to Linux 
firewalls... ;)



Erik Osterholm wrote:

> or just go with
> what OpenBSD will have as default.


-- 
~~~Michael Jinks, IB // Technical Entity // Saecos Corporation~~~~