[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Create a canned "Firewall Build" or RFHH
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Create a canned "Firewall Build" or RFHH
- From: Henning Brauer <lists-openbsd_(_at_)_bsws_(_dot_)_de>
- Date: Fri, 22 Feb 2002 11:24:52 +0100
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
On Fri, Feb 22, 2002 at 01:48:25AM -0700, Theo de Raadt wrote:
> > On Thu, Feb 21, 2002 at 06:49:30PM -0500, Peter Masloch wrote:
> > > > > we're causing businesses to run less securely than they would
> > > > > if a truly easy-to-set-up OpenBSD firewall were available.
> > > > By their very nature firewalls should not be plug and play. If you can't
> > > > figure out what every line of your pf rules do, you shouldn't be setting
> > > I believe there is already a CD which you can use to start out with:
> > > OpenBSD 3.0 IPF
> > > I know, it is not a complete fw but a good start.
> > Is there any big bifference in using that instead of the default OpenBSD
> > 3.0 distribution. Yes, IPF has been in the game a loger time, but
> > OpenBSD 3.0 has worked good too.
> Well, I think you might as well get used to pf.
Plus, you will get a hughe performance increase. pf performs by more han
factor 4 better than IPF for me.
Unix is very simple, but it takes a genius to understand the simplicity.
Visit your host, monkey.org